Deep Packet Inspection (DPI) is a technology that enables the network owner to analyse internet traffic, through the network, in real-time and to differentiate them according to their payload.
Originally the Internet protocols required the network routers to scan only the header of an Internet Protocol (IP) packet.
The packet header contains the origin and destination address and other information relevant to moving the packet across the network.
The “payload” or content of the packet, which contains (all or part of) the text, images, files or applications transmitted by the user, was not considered to be a concern of the network operator. DPI allows network operators to scan the payload of IP packets as well as the header.
Shallow Packet Inspection
Shallow packet inspection (SPI) examines the headers of the packets (which is the information placed at the beginning of a block of data, such as the sender and recipient’s IP addresses), as opposed to the body or “payload” of the packet.
This kind of packet inspection allows the communications to remain ‘virtually anonymous’ since the content of the packets is not observed, and the information in the header is used only to route the packet.
Medium Packet Inspection
Medium Packet Inspection (MPI) is typically used to refer to ‘application proxies’, or devices that stand between end-users’ computers and ISP/Internet gateways.
Deep Packet Inspection
Deep Packet Inspection (DPI) technologies are intended to allow network operators precisely to identify the origin and content of each packet of data that passes through the networking hubs.
Applications of DPI
- Network security
- Network management
- Content Optimization
- Billing and Metering applications
- Application Distribution and Load Balancing
- Network and subscriber analysis
- Monitoring and interception
- Targeted advertising
- Copyright enforcement
- Content regulation