Title :
Deep packet inspection — Fear of the unknown
Author :
Goss, Ryan ; Botha, Reinhardt
Author_Institution :
Inst. for ICT Advancement & Sch. of ICT, Nelson Mandela Metropolitan Univ., Port Elizabeth, South Africa
Abstract :
Enterprise and service provider customers develop, maintain and operate network infrastructure in order to support the applications required to perform their day to day tasks. These applications have certain requirements and expectations from the infrastructure, including access to public networks, and thus rely on quality of service (QoS) controls to manage network traffic. QoS controls are used to ensure non-critical applications do not hamper the operation of critical ones, all the while providing fair access to all legitimate applications. QoS systems are increasingly being used as firewalls, filtering bad traffic and allowing good traffic to traverse the network without delay. This paper investigates the effectiveness of protocol matching within current QoS classifiers and shows that even with the most up to date classifiers, “unknown” or unidentified traffic is still prevalent on a network; a serious concern for IT network administrators. This “unknown traffic could consist of viruses, attempted exploits and other un-authorized connectivity from outside sources.
Keywords :
authorisation; pattern classification; protocols; quality of service; telecommunication network management; telecommunication traffic; IT network administrator; QoS classifier; QoS control; deep packet inspection; network traffic; protocol matching; public network; quality of service; service provider customer; unauthorized connectivity; Engines; Inspection; Internet; Payloads; Quality of service; Routing protocols;
Conference_Titel :
Information Security for South Africa (ISSA), 2010
Conference_Location :
Sandton, Johannesburg
Print_ISBN :
978-1-4244-5493-8
DOI :
10.1109/ISSA.2010.5588278
