In association with heise online

09 September 2009, 10:32

Open source software library for deep packet inspection

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

OpenDPI logo Ipoque of Leipzig, Germany has published parts of its deep packet inspection technology under the LGPLv3 open source license. Called OpenDPI, the software library is based on Ipoque's commercial Protocol and Application Classification Engine (PACE), which the vendor says classifies internet traffic.

OpenDPI lacks a couple of the functions in PACE. For instance, it does not recognize any encrypted protocols, such as Skype or BitTorrent, nor does it handle IPv6. Options to optimise speed and memory consumption are also missing, though the vendor says that such PACE functions are to be added to OpenDPI later. A manualPDF provides a complete list of all of the protocols supported in addition to describing the installation and the compilation of sample applications under Linux (32/64 bit). The source text and a forum are available at Google Code.

The term "deep packet inspection" (DPI) covers a number of network technologies and combines their capabilities. For instance, intrusion detection systems (IDS) detect malware and intrusions into local networks, while classic firewalls can control and monitor network traffic by means of address recognition. In contrast, DPI not only analyses individual network packets, but also takes a look at entire network streams, including the data part of the packets, to provide better protection against buffer overflow attacks, Denial of Service (DoS) attacks, and complicated network intrusions. However, DPI could also be used to control network traffic, for instance in order to filter, monitor, or disseminate advertising to a specific target audience. Critics therefore consider DPI techniques as a violation of the network neutrality principle; some even consider DPI a breach of internet users' privacy.

With OpenDPI, Ipoque aims to open up the discussion about deep packet inspections – and dispel various myths and fears that users have towards network technology. According to a press release, the published source text demonstrates that the kinds of privacy violations that DPI technology is charged with are not even possible. Hendrik Schulze, who handles the project at Ipoque explains – "With OpenDPI, we would like to launch a lively discussion, and we look forward to everyone's feedback".

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-743313
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit