The global mobile deep packet inspection (DPI) market will grow at an impressive CAGR of almost 22% until 2020, according to Technavio.
Stateful packet inspection
Stateful packet inspection (SPI), also known as shallow packet inspection technology, was widely used for detecting abnormal packets by inspecting the packet headers only. SPI was not able to detect many new network attacks such as network intrusion detection systems (NIDS) evasion and distributed denial of service. Thus, DPI became a new technology to inspect the payload information, including the contents of packets, and inspect packets at the entire layer of network, thereby ensuring network security.
Technavio ICT analysts highlight the following three factors that are contributing to the growth of the global mobile DPI market:
- Increased adoption of DPI in IP fraud detection
- Use of DPI in traffic filtering for regulatory compliance
- Increased adoption of DPI by ISPs.
Increased adoption of DPI in IP fraud detection
The network data and IP services are increasingly becoming the targets of frauds. Their focus on international voice calls is being shifted to network data. Though the data transactions and traffic over a network are being monitored, they do not analyze the traffic volume that includes the details such as the identity of the user and the frequency of data being uploaded. DPI examines the content of data traffic, not just the headers.
“The adoption of DPI provides leverage to the network operators in network planning and service assurance. For instance, shared plans and tethering allow users to connect to multiple devices through a single internet access point. In the Americas and Europe, the network operators made bundled data plans that offer premium access to some websites,” says Amrita Choudhury, a lead IT security research analyst at Technavio.
For instance, the packaged deal will have unlimited Facebook, Twitter, or e-mails access for USD 10 or USD 15 per month. If the operator wants to charge a premium fee for YouTube access, then frauds can bypass the restrictions and gain access to YouTube via proxy servers that hide the user’s IP address.
With the help of DPI, operators can easily identify this misuse and enforce these premium access policies even though the user’s identity is masked at the originating point.
Use of DPI in traffic filtering for regulatory compliance
Countries such as the US, China, and South Korea are using a traffic filtering system that use DPI technology, which has been planned as a technical regulation to enforce new or existing legislation. Theoretically, DPI is used to enable content classification of commercially driven bandwidth management, but DPI filtering system is also used for implementing regulatory compliance such as:
- Block illegal contents such as child pornography but in compliance with the local laws
- Most of the legislations do not allow encryption and tunneling systems that reduce lawful interception systems that can be enforced with the help of DPI technology
- Block unregulated internet telephony.
Increased adoption of DPI by ISPs
Amrita adds, “In 2012, the UN International Telecommunication Union implemented a new standard on DPI. It permits network devices to inspect the packet header and payload, which can help ISPs to become more efficient and can reduce their cost when managing data traffic that passes through their network. DPI is a system that can serve a variety of purposes, but ISPs use it to examine the content of communications when managing network traffic.”
ISPs slow down or block user’s access to some content during heavy traffic on their networks. This is to make sure that one user’s heavy use of a network for downloading materials should not prevent other users of that network from accomplishing basic tasks such as sending or receiving e-mail and surfing webpages.