• DocumentCode
    1499601
  • Title

    Design and evaluation of deep packet inspection system: A case study

  • Author

    Liao, M.-Y. ; Luo, Mon-Yen ; Yang, Chun-Sheng ; Chen, Chun-Hung ; Wu, Pei-Ci ; Chen, Yen-Chi

  • Author_Institution
    Dept. of Electr. Eng., Nat. Cheng Kung Univ., Tainan, Taiwan
  • Volume
    1
  • Issue
    1
  • fYear
    2012
  • fDate
    3/1/2012 12:00:00 AM
  • Firstpage
    2
  • Lastpage
    9
  • Abstract
    An increasing number of Internet applications and services render network management more troublesome for bandwidth misuse and security concern. As a result, network traffic identification plays an increasingly important role in network management. Deep packet inspection (DPI) is one of the effective approaches. Conventional network devices lookup the header of a packet, but DPI means the network device is required to match a pattern in the payload of a packet. This study proposes a DPI system and WMT (Wu-Manber with trie) algorithm to classify popular network services; The Net-DPIS is developed based on Netfilter framework in Linux kernel. The authors show how to rearrange the rule policies to increase the performance of Net-DPIS. In the results, the authors show that WMT algorithm is faster than WM algorithm; Net-DPIS has higher average accuracy and performance than L7-filter.
  • Keywords
    Internet; computer network management; computer network security; telecommunication traffic; Internet applications; Linux kernel; Net-DPIS; Netfilter framework; Wu-Manber with trie algorithm; bandwidth misuse; deep packet inspection system; network management; network security; network traffic identification;
  • fLanguage
    English
  • Journal_Title
    Networks, IET
  • Publisher
    iet
  • ISSN
    2047-4954
  • Type

    jour

  • DOI
    10.1049/iet-net.2011.0048
  • Filename
    6186940
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1499601