|
Research On Packet Inspection Techniques
[Full Text]
AUTHOR(S)
Argha Ghosh, Dr. A. Senthilrajan
KEYWORDS
Intrusion Detection System, Network Intrusion Detection System, Host Intrusion Detection System, Packet Inspection Techniques, Shallow Packet Inspection, Medium Packet Inspection, Deep Packet Inspection.
ABSTRACT
Packet Inspection techniques are useful for the purpose of monitoring and analyzing the network traffic of a network as well as for Intrusion Detection Systems also. Moreover, Packet Inspection techniques are widely used by all the security concern-oriented systems and servers as well as, by all kinds of firewalls, gateway, etc. for providing better security to end user. Intrusion Detection Systems (IDS) are generally used Packet Inspection Techniques to detect the vulnerable anomalies from the Internet to protect end-user. There are three types of packet inspection techniques are there and they are Shallow Packet Inspection, Medium Packet Inspection and, Deep Packet Inspection. Among all those packet inspection techniques, Deep Packet Inspection is the most used technique in recent time as well as the most effective technique for packet inspection in real-time traffic over SPI and MPI.Shallow Packet Inspection is the first introduced packet inspection technique in the domain of network data
packet monitoring and mainly known for performing the task of identifying the packet’s IP address, port number moreover
known for inspecting the header of the data packet. Medium Packet Inspection used network’s nodes in terms of Networking and Data Communication called middle-boxes though are mainly used to be placed in a network and using those middle- boxes, Medium Packet Inspection perform the job of monitoring the network. Deep Packet Inspection is the technique among those packet inspection techniques, though can perform the task of analyzing packet on the packet’s header as well as in packet’s payload also. This research work will give an overview of all the three-packet inspection technique as well as describe all the aspects of those three packet inspection techniques from the perspective of real-time network traffic identification.
REFERENCES
[1] Anti-Phishing Working Group’s (APWG) Phishing Activity Trends Report of 2nd Quarter 2019 Available: https://docs.apwg.org/reports/apwg_trends_report_q2_2019.pdf
[2] “White paper on Deep Packet Inspection†Available: http://tec.gov.in/pdf/Studypaper/White%20paper%20on%20DPI.pdf
[3] Paraskevi Dinaki “Deep Packet Inspection: A Comparison Study Between Exact Match and Regular Expression Techniques†Available: https://repository.ihu.edu.gr/xmlui/handle/11544/29033
[4] Shane Alcock, Richard Nelson “Libprotoident: Traffic Classification Using Lightweight Packet Inspection†Available: https://wand.net.nz/~salcock/lpi/lpi.pdf
[5] Ioannis Sourdis “Designs and Algorithms For Packet And Content Inspection†Available:
[6] https://repository.tudelft.nl/islandora/object/uuid%3Af4bb7503-1c62- 4a0a-a77c-e119381e4307
[7] N.Kannaiya Raja, K.Arulanandam, B.Raja Rajeswari “Two-Level Packet Inspection Using Sequential Differentiate Method†Available: https://ieeexplore.ieee.org/document/6305551
[8] Qian Gong, Wenji Wu, Phil DeMar “GoldenEye: stream-based network packet inspection using GPUs†Available: https://ieeexplore.ieee.org/document/8638115
[9] Zouheir Trabelsi, Safaa Zeidan and Mohammad M. Masud “Network Packet Filtering and Deep Packet Inspection Hybrid Mechanism for IDS Early Packet Matching†Available: https://ieeexplore.ieee.org/document/7474172
[10] Sok-Ian Sou, Chuan-Sheng Lin “Random Packet Inspection Scheme for Network Intrusion Prevention in LTE Core Networks†Available: https://ieeexplore.ieee.org/document/7866014
[11] Ioannis Sourdis, Dionisios N. Pnevmatikatos, Stamatis Vassiliadis “Scalable Multigigabit PatternMatch-ing for Packet Inspection†Available: https://ieeexplore.ieee.org/document/4408588
[12] Xiuwen Sun, Kaiyu Hou, Hao Li, Chengchen Hu “Towards A Fast Packet Inspection over Compressed HTTP Traffic†Available: https://ieeexplore.ieee.org/document/7969144
[13] Jun-Won Ho “Efficient and Robust Detection of Code-Reuse Attacks Through Probabilistic Packet Inspection in Industrial IoT Devices†Available: https://ieeexplore.ieee.org/document/8471162
[14] Keihan Kazemi, Ali Fanian “Tunneling Protocol Identification Using Light Packet Inspection†Available: https://ieeexplore.ieee.org/document/7387907
[15] Rohit Tyagi, Tuhin Paul, B.S. Manoj, B. Thanudas “Packet Inspection for Unauthorized OS Detection in Enterprises†Available: https://ieeexplore.ieee.org/document/7180275
[16] Safa Alkateb “White Paper: 5 Things You Need to Know About Deep Packet Inspection (DPI)†Available: https://docplayer.net/7150123-5- things-you-need-to-know-about-deep-packet-inspection-dpi.html
[17] https://gbhackers.com/intrusion-detection-system-ids-2/
[18] https://www.geeksforgeeks.org/intrusion-detection-system-ids/
[19] S.Prithi, S.Sumathi, C.Amuthavalli “A Survey on Intrusion Detection System using Deep Packet Inspection for Regular Expression Matching†Available:https://www.semanticscholar.org/paper/A-Survey-on-Intrusion- Detection-System-using-Deep-Prithi-Sumathi/aea500206d6300be44f92b578403825739a2b6b4
[20] Rafael Antonello, Stenio Fernandes, Carlos Kamienski, Djamel Sadok, Judith Kelner, Istvan Godor, Geza Szabo, Tord Westholm “Deep packet inspection tools and techniques in commodity platforms: Challenges and trends†Available: https://www.sciencedirect.com/science/article/pii/S1084804512001622
[21] https://itlaw.wikia.org/wiki/Shallow_packet_inspection
[22] Radu Velea, Casian Ciobanu, Laurențiu Margarit, Ion Bica “Network Traffic Anomaly Detection Using Shallow Packet Inspection and Parallel K-means Data Clustering†Available: https://sic.ici.ro/wp- content/uploads/2017/12/SIC_2017-4-Art.2.pdf
[23] S. Zamfir, T. Balan, F. Sandu, C. Costache “Solutions for Deep Packet Inspection in Industrial Communications†Available: https://ieeexplore.ieee.org/document/7528337
[24] Mark Perry, Thomas Margoni “Legal Consequences of Packet Inspection†Available: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2028981
[25] Thomas Porter, Michael Gough “Logically Segregate Network Traffic “Available: https://www.sciencedirect.com/topics/computer- science/inspection-packet
|
