Abstract
In recent years deep packet inspection (DPI) has often been cited as a major factor in the debate concerning net neutrality. Packet inspection (PI) enables a profound analysis of the contents of IP-packets, especially with respect to the application layer and private data. To protect against this sort of privacy invading attack users are usually advised to encrypt as much of their data as possible in an online transaction. However, current PI-engines not only use plain text analysis but also employ a variety of statistical methods. This in turn allows the analysis and classification of packets even if encryption or obfuscation methods have been applied. It is possible to monitor and shape packet flows in real time and on a large scale. These PI-engines are deeply embedded in the current network infrastructure due to the requirements of lawful interception. This brings about a huge potential for misuse, because the engine’s operation is not ‘visible’ to the end-user.
Chapter PDF
Similar content being viewed by others
References
Boehme-Neßler, V.: Unscharfes Grundgesetz — Anmerkungen zum Verfassungsrecht in der digitalisierten Welt. In: Institut für Wirtschaftsrecht, 60 Jahre Grundgesetz, pp. 155–188. Kassel University Press (2010)
Roßnagel, A., Mayer-Tasch, P. C., Saladin, P. V.: Radioaktiver Zerfall der Grundrechte: Zur Verfassungsvertraglichkeit der Kernenergie. Beck, München (1984)
Champagne, A.: Watching over you. In: Le Monde diplomatique (January 2012), http://mondediplo.com/2012/03/16internet
Brodkin, J.: Iran reportedly blocking encrypted Internet traffic (February 2012), http://arstechnica.com/tech-policy/news/2012/02/iran-reportedly-blocking-encrypted-internet-traffic.ars
Ingham, K., Forrest, S.: A History and Survey of Network Firewalls, A history and survey of network firewalls. Tech. Rep. TR-CS-2002-37, University of New Mexico Computer Science Department (2002)
Serpanos, D.N., Wolf, T.: Architecture of network systems. Morgan Kaufmann, Burlington (2011)
Anderson, N.: Deep packet inspection meets ’Net neutrality, CALEA, vom 25 July (2007), http://arstechnica.com/hardware/news/2007/07/Deep-packet-inspection-meets-net-neutrality.ars/2
IEEE 802.3 Ethernet, http://standards.ieee.org/about/get/802/802.3.html
IEEE P802.3ba 40Gb/s and 100Gb/s Ethernet Task Force Public Area, http://www.ieee802.org/3/ba/public/index.html
Ipoque, Deep packet inspection solutions for network operators, http://ipoque.com/en/products/pace-network-analysis-with-deep-packet-inspection
Netronome, http://www.netronome.com/pages/heterogeneous-architecture
AdvancedTCA Specifications for Next Generation Telecommunications Equipment, http://www.picmg.org/v2internal/resourcepage2.cfm?id=2
Liberatore, M., Levine, B.N.: Inferring the Source of Encrypted HTTP Connections. In: CCS 2006: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 255–263. ACM Press, New York (2006)
Alshammari, R., Nur Zincir-Heywood, A.: Can encrypted traffic be identified without port number, IP addresses and payload inspection? Computer Networks 55, 1326–1350 (2010)
Hjelmvik, E., John, W.: Breaking and Improving Protocol Obfuscation, Dep. of Computer Science and Engineering, Chalmers University of Technology, Technical Report No. 2010-05 (2010) ISSN 1652- 926X, http://publications.lib.chalmers.se/cpl/record/index.xsql?pubid=123751
Webb, A.: Statistical Pattern Recognition. Wiley, Chichester (2003)
Ipoque, Net Reporter, http://ipoque.com/en/products/net-reporter
Procera, Products, http://www.proceranetworks.com/pdf/products/overview/Procera_Overview_Brochure_mech_2012-4-8.pdf
Packet Clearing House, Internet Exchange Directory, https://prefix.pch.net/applications/ixpdir/?show_active_only=0&sort=traffic&order=desc
Nguyen, T.T.T., Armitage, G.: A survey of techniques for internet traffic classification using machine learning. IEEE Communications Surveys and Tutorials 10(4), 56–76 (2008)
Ipoque, Products, http://ipoque.com/en/products
Bendrath, R.: Global technology trends and national regulation: Explaining Variation in the Governance of Deep Packet Inspection (2009), http://userpage.fu-berlin.de/bendrath/ISA09_Paper_Ralf%20Bendrath_DPI.pdf
Pfanner, E.: 3 Internet Providers in Deal for Tailored Ads, http://www.nytimes.com/2008/02/18/technology/18target.html?_r=1&oref=slogin
Kindsight: Subscription options, http://www.kindsight.net/en/solution/subscription
European Council Resolution on the lawful interception of telecommunications (96/C 329/01), http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31996G1104:EN:HTML
Kent, S., Seo, K.: Security Architecture for the Internet Protocol, RFC 4301 (2005), http://tools.ietf.org/html/rfc4301
Hoeren, T.: Google Analytics — datenschutzrechtlich unbedenklich? Zeitschrift für Datenschutz (ZD) 1/2001, 3–6 (2011)
Convention Committee on Cybercrime, Convention on Cybercrime, http://conventions.coe.int/Treaty/EN/Treaties/html/185.htm
Decision of the German Federal Constitutional Court, BVerfG, 1 BvR 256/08 vom 2.3 (March 2, 2010), http://www.bverfg.de/entscheidungen/rs20100302_1bvr025608.html
Gilroy, A.A.: Access to Broadband Networks: The Net Neutrality Debate. CRS Report for Congress (2011)
Dischinger, M., Marcon, M., Guha, S., Gummadi, K.P., Mahajan, R., Saroiu, S.: Glasnost: Enabling End Users to Detect Traffic Differentiation. In: Proceedings of the 7th USENIX Conference on Networked Systems Design and Implementation (2010)
Kanuparthy, P., Dovrolis, C.: Diffprobe: Detecting ISP service discrimination. In: 2010 Proceedings IEEE INFOCOM, pp. 1–9 (2010)
Basso, S., Servetti, A., De Martin, J.C.: The network neutrality bot architecture: a preliminary approach for self-monitoring of Internet access QoS. In: Proceedings of ISCC 2011, pp. 1131–1136 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Królikowski, A. (2012). Packet Inspection — Shifting the Paradigm of Fundamental Rights. In: Hercheui, M.D., Whitehouse, D., McIver, W., Phahlamohlaka, J. (eds) ICT Critical Infrastructures and Society. HCC 2012. IFIP Advances in Information and Communication Technology, vol 386. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33332-3_33
Download citation
DOI: https://doi.org/10.1007/978-3-642-33332-3_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33331-6
Online ISBN: 978-3-642-33332-3
eBook Packages: Computer ScienceComputer Science (R0)