
Web Filtering and Deep Packet Inspection

Artyom Churilin

Tallinn University of Technology 2011

Web filtering & DPI

Web filtering (content control) is a way to control what content a user is permitted to access.

Deep Packet Inspection (DPI) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information.

Web filtering types

• Client-side filters (Cyber-Nanny)

• Content-limited or filtered ISPs

• Server-side filters, proxies (Squid), traffic shapers

• Specialized hardware/software (commercial off the shelf solutions)

Specialized systems:

• Websense

• McAfee Smart Filter

• Netsweeper

Web filtering techniques

• IP

• URL

• Keyword

• File type

• Database (site categorization)
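
The five techniques above, chained in one filter decision (an added example, not part of the original slides). The policy values, hostnames and the function name filter_request are constructed for illustration. Keywords are matched on word boundaries so that a harmless host such as www.essex.example is not overblocked.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample policy; every value below is illustrative.
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]
BLOCKED_URL_PREFIXES = ["example.org/games/"]
BLOCKED_KEYWORDS = ["casino", "sex"]
BLOCKED_EXTENSIONS = (".exe", ".torrent")
SITE_CATEGORIES = {"social.example": "social-networking",
                   "news.example": "news"}
BLOCKED_CATEGORIES = {"social-networking"}

# Word-boundary match avoids blocking "essex" because it contains "sex".
KEYWORD_RE = re.compile(
    r"\b(?:%s)\b" % "|".join(map(re.escape, BLOCKED_KEYWORDS)), re.I)


def filter_request(dst_ip, url, body=""):
    """Return (verdict, technique) for one HTTP request."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path.lower()

    # 1. IP: destination address against blocked networks.
    addr = ipaddress.ip_address(dst_ip)
    if any(addr in net for net in BLOCKED_NETS):
        return ("block", "ip")
    # 2. URL: host + path against blocked prefixes.
    if any((host + path).startswith(p) for p in BLOCKED_URL_PREFIXES):
        return ("block", "url")
    # 3. Keyword: needs the payload, i.e. inspection beyond the headers.
    if KEYWORD_RE.search(url) or KEYWORD_RE.search(body):
        return ("block", "keyword")
    # 4. File type: judged here by the extension of the requested path.
    if path.endswith(BLOCKED_EXTENSIONS):
        return ("block", "file type")
    # 5. Database: category lookup on the host and its parent domains.
    labels = host.split(".")
    for i in range(len(labels) - 1):
        category = SITE_CATEGORIES.get(".".join(labels[i:]))
        if category in BLOCKED_CATEGORIES:
            return ("block", "category:" + category)
    return ("allow", None)


if __name__ == "__main__":
    for url in ("http://www.essex.example/tourism",
                "http://m.social.example/feed"):
        print(url, filter_request("198.51.100.9", url))
```
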

Websense categories

McAfee SmartFilter Categories

Web filtering use

• Parental control (block adult content from minors)

• Content control (e.g. an ISP blocking child abuse material)

• Corporate environment, public libraries

• Commercial solutions

Deep Packet Inspection

DPI

• DPI has the functionality of an Intrusion Detection System (IDS), an Intrusion Prevention System (IPS) and a stateful firewall

• Advanced defense from threats

• More effective than IDS, IPS and FW

• Policies on many layers (OSI layers 3-7)

Symantec describes DPI

• Deep Packet Inspection promises to enhance firewall capabilities by adding the ability to analyze and filter SOAP and other XML messages, dynamically open and close ports for VoIP application traffic, perform in-line AV and spam screening, dynamically proxy IM traffic, eliminate the bevy of attacks against NetBIOS-based services, traffic-shape or do away with the many flavors of P2P traffic (recently shown to account for ~35% of internet traffic), and perform SSL session inspection

Use of DPI

• Network management

• Network security

• “Lawful intercept”

• Statistical data for network planning

Misuse of DPI

• Commercial

• Propaganda

• Governments (Censorship)

• Communist regimes (Censorship, disinformation)

• Autocratic regimes (Censorship, disinformation)

• Finding political dissidents

JUNE 22, 2009 Wall Street Journal Online:

Iran's Web Spying Aided By Western Technology

• Nokia Siemens

• The monitoring center that Nokia Siemens Networks sold to Iran was described in a company brochure as allowing "the monitoring and interception of all types of voice and data communication on all networks."

NOVEMBER 15, 2010 FORBES.COM:

Nokia Siemens Denies Lingering Ties To Iran Surveillance

FEBRUARY 11, 2010 BBC:

MEPs condemn Nokia Siemens 'surveillance tech' in Iran

Google says its Gmail traffic has dropped sharply in Iran

Nokia Siemens told BBC News that it had provided "very basic surveillance" capabilities to Iran Telecom in 2008. The product is called Monitoring Centre and can be used to monitor local telephone calls.

OpenNet initiative

• The OpenNet Initiative has documented network filtering of the Internet by national governments in over forty countries worldwide.

• Filtering is particularly appealing to governments as it allows them to control content not published within their national borders.

Pros of DPI

• Deep Packet Inspection is a promising technology in that it may help to solve security and many other problems.

Cons of DPI

• DPI adds complexity to an already complicated solution - firewalls, IDSs, session border controllers, and honeypots/nets etc…

• DPI is a powerful technology and is currently insufficiently regulated by law. If used unethically and illegally, it can have awful consequences.

https://www.accessnow.org/page/s/notonokia

Treedriver.com

• In Iran, you could not access Postimees, BBC, CNN or Facebook, only SL Õhtuleht
