<html><body><style>p { margin: 0; }</style><div style="font-family: arial,helvetica,sans-serif; font-size: 12pt; color: #000000"><p>Deep Packet Inspection as a Service</p><p>Yaron Koral, Princeton University</p><p>Wednesday, November 12, 10am</p><p>Computer Science, Room 402<br></p><p><br></p><p>Middleboxes play a major role in contemporary networks, as forwarding
packets is often not enough to meet operator demands, and other
functionalities (such as security, QoS/QoE provisioning, and load
balancing) are required. Traffic is usually routed through a sequence of
such middleboxes, which either reside across the network or in a
single, consolidated location. Although middleboxes provide a vast range
of different capabilities, there are components that are shared among
many of them. A task common to almost all middleboxes that deal with L7
protocols is Deep Packet Inspection (DPI). Today, traffic is inspected
from scratch by all the middleboxes on its route. In this paper, we
propose to treat DPI as a service to the middleboxes, implying that
traffic should be scanned only once, but against the data of all
middleboxes that use the service. The DPI service then passes the scan
results to the appropriate middleboxes. Having DPI as a service has
significant advantages in performance, scalability, robustness, and as a
catalyst for innovation in the middlebox domain. Moreover, technologies
and solutions for current Software Defined Networks (SDN) (e.g., SIMPLE
[41]) make it feasible to implement such a service and route traffic to
and from its instances.</p>
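<p>The scan-once idea described in the abstract, as an added example that is not code from the paper or its authors: the pattern sets of several middleboxes are merged into one automaton, the payload is traversed a single time, and matches are returned per middlebox. The use of Aho-Corasick matching, the middlebox names, the rules and the payload are all assumptions constructed for illustration.</p>

```python
from collections import defaultdict, deque

class DPIService:
    """Aho-Corasick automaton over the merged pattern sets of all middleboxes."""
    def __init__(self, rules):  # rules: {middlebox name: [byte patterns]} (assumed shape)
        self.goto, self.fail, self.out = [{}], [0], [set()]  # per-state tables
        for mbox, patterns in rules.items():
            for pat in patterns:
                self._insert(mbox, pat)
        self._link()

    def _insert(self, mbox, pat):
        s = 0
        for b in pat:
            if b not in self.goto[s]:
                self.goto[s][b] = len(self.goto)
                self.goto.append({})
                self.fail.append(0)
                self.out.append(set())
            s = self.goto[s][b]
        # A pattern shared by two middleboxes occupies one trie path with two owners.
        self.out[s].add((mbox, pat))

    def _link(self):  # BFS failure links, so overlapping patterns are all reported
        queue = deque(self.goto[0].values())
        while queue:
            s = queue.popleft()
            for b, t in self.goto[s].items():
                f = self.fail[s]
                while f and b not in self.goto[f]:
                    f = self.fail[f]
                self.fail[t] = self.goto[f].get(b, 0)
                self.out[t] |= self.out[self.fail[t]]
                queue.append(t)

    def scan(self, payload):  # one pass; returns {middlebox: [(offset, pattern)]}
        results, s = defaultdict(list), 0
        for i, b in enumerate(payload):
            while s and b not in self.goto[s]:
                s = self.fail[s]
            s = self.goto[s].get(b, 0)
            for mbox, pat in self.out[s]:
                results[mbox].append((i - len(pat) + 1, pat))
        return {m: sorted(r) for m, r in results.items()}

# Constructed sample rules and payload (not from the paper).
RULES = {"ids": [b"/etc/passwd", b"cmd.exe"], "waf": [b"/etc/passwd", b"<script"],
         "l7_lb": [b"GET ", b"Host: "]}
PAYLOAD = b"GET /f?p=../../etc/passwd HTTP/1.1\r\nHost: files.example\r\n\r\n"
RESULTS = DPIService(RULES).scan(PAYLOAD)
```

<p>Each middlebox receives only the matches for its own patterns, while the payload bytes are read once regardless of how many middleboxes are registered.</p>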
<p><br>
This is joint work with Anat Bremler-Barr, Yotam Harchol, and David Hay, and will appear at CoNEXT in December 2014.<br>
Yaron received his PhD at Tel Aviv University and is a new postdoc at Princeton.</p></div><br></body></html>