Detecting File Sharing
Deep packet inspection can be used to identify illegal file sharing as it can identify certain key characteristics like the application:
By stripping off the headers, deep packet inspection devices can use the resulting payload to identify the program or service being used. Procera, for instance, claims to detect more than 300 application protocol signatures, including BitTorrent, HTTP, FTP, SMTP, and SSH. Ellacoya reps tell Ars that their boxes can look deeper than the protocol, identifying particular HTTP traffic generated by YouTube and Flickr, for instance1.
The same article that is the source of the above quote also says the "filenames of P2P files" can be identified by "DPI."
The only question then is whether or not the individuals involved in the file sharing have the legal right to do so.
Other DPI Benefits
'Packet inspection serves a number of pro-consumer purposes,' read McSlarrow. 'First, it can be used to detect and prevent spam and malware, and protect subscribers against invasions of their home computers. It can identify packets that contain viruses or worms that will trigger denial of service attacks; and it can proactively prevent so-called Trojan horse infections from opening a user's PC to hackers and surreptitiously transmitting identity information to the sender of the virus. Packet inspection can also be used to help prevent phishing attacks from malicious e-mails that promote fake bank sites and other sites. And it can be used to prevent hackers from using infected customers' PCs as 'proxies,' a technique used by criminals, in which user PCs are taken over and used as jumping-off points to access the Internet, while the traffic appears to be generated by the subscriber's PC. As a result, the technology can be used in spam filters and firewalls.'2
Sources
- What IS "Deep Packet Inspection" (Wikipedia)
- Contrast DPI with "Shallow" Packet Inspection" "This [DPI] is in contrast to shallow packet inspection (usually called Stateful Packet Inspection) which just checks the header portion of a packet."
- Measuring Illicit File Sharing With DPI - Detica CView
- Virgin ISP Using DPI to Identify Illegal File Sharing
- More on Virgin
- Cox Testing DPI. DPI Prevalent Outside US
- DPI In Use for Communications Assistance for Law Enforcement Act ("CALEA")
- How DPI Really Works
- More on CALEA
- "Deep Packet Inspection is Essential for Net Neutrality"
- DPI For Mobile Networks - A "Necessity"
- Arbor Networks DPI Solution
- Narus DPI Solutions
- Procera Networks DPI Solutions
- New Zealand Using DPI to Filter for Child Porn
- "Towards the Detection of Encrypted BitTorrent Traffic through Deep Packet Inspection"
