http://the-mobile-network.com/2016/06/encrypted-traffic-to-hit-80-of-all-data-in-some-mobile-networks-in-2016/
The company said that it expected as much as 80% of data on some mobile networks may be encrypted by the end of 2016, with 70% of all internet traffic encrypted by the end of 2016.
http://the-mobile-network.com/2015/01/how-encryption-threatens-mobile-operators-and-what-they-can-do-about-it/
“trusted proxies”
It is unsurprising that the web and app communities are unwilling to consider “trusted proxies”, firstly as there’s a general dislike of proxies, and secondly because that trust has been abused in the past.”
http://telecoms.com/39718/encryption-will-it-be-the-death-of-dpi/
DPI platforms cannot break the encryption and look inside the packets.
>> SSL inspection ( aka MITM) only applied in controlled environment as enterprise could control gateways ,endpoints and certificate policy.
In order to think about how a DPI platform can function in an environment where most of the traffic is encrypted, it is helpful to think back to the main purposes of commercial DPI platforms today: to understand which users are consuming the available bandwidth and then making intelligent decisions about which traffic to prioritise. Although strict encryption prevents the DPI platform from looking into the packet, there are still plenty of clues for the DPI platform to look at: the source and destination of the traffic, the packet size, and the pattern of packets. For example, a stream of small packets every 20 milliseconds in both directions is almost always a VoIP call. Traffic to and from the Facebook servers is, by definition, Facebook traffic. It’s also possible to correlate separate flows: even if everything is encrypted, if the platform sees a request to a server at CNN, followed by a request to Akamai, it can reasonably assume that Akamai is serving CNN content and thus apply the appropriate rules. This is called “heuristic” or “inferred application” classification, and can reach similar levels of accuracy as the traditional DPI approach.
http://owmobility.com/press-releases/2017-predictions-president-trumps-influence-wireless-iot-gets-scary-5g-reality-check/
https://ecfsapi.fcc.gov/file/60002077715.pdf
>> MUST READ
https://www.federalregister.gov/documents/2016/12/02/2016-28006/protecting-the-privacy-of-customers-of-broadband-and-other-telecommunications-services
The company said that it expected as much as 80% of data on some mobile networks may be encrypted by the end of 2016, with 70% of all internet traffic encrypted by the end of 2016.
http://the-mobile-network.com/2015/01/how-encryption-threatens-mobile-operators-and-what-they-can-do-about-it/
“trusted proxies”
It is unsurprising that the web and app communities are unwilling to consider “trusted proxies”, firstly as there’s a general dislike of proxies, and secondly because that trust has been abused in the past.”
http://telecoms.com/39718/encryption-will-it-be-the-death-of-dpi/
DPI platforms cannot break the encryption and look inside the packets.
>> SSL inspection ( aka MITM) only applied in controlled environment as enterprise could control gateways ,endpoints and certificate policy.
In order to think about how a DPI platform can function in an environment where most of the traffic is encrypted, it is helpful to think back to the main purposes of commercial DPI platforms today: to understand which users are consuming the available bandwidth and then making intelligent decisions about which traffic to prioritise. Although strict encryption prevents the DPI platform from looking into the packet, there are still plenty of clues for the DPI platform to look at: the source and destination of the traffic, the packet size, and the pattern of packets. For example, a stream of small packets every 20 milliseconds in both directions is almost always a VoIP call. Traffic to and from the Facebook servers is, by definition, Facebook traffic. It’s also possible to correlate separate flows: even if everything is encrypted, if the platform sees a request to a server at CNN, followed by a request to Akamai, it can reasonably assume that Akamai is serving CNN content and thus apply the appropriate rules. This is called “heuristic” or “inferred application” classification, and can reach similar levels of accuracy as the traditional DPI approach.
http://owmobility.com/press-releases/2017-predictions-president-trumps-influence-wireless-iot-gets-scary-5g-reality-check/
Death of traditional DPI accelerates
Matt Halligan, CTO: “There’s a sure-fire certainty in 2017. Social media and OTTs will launch even more services, and this adds to the cocktail of diverse traffic on mobile networks. Just look at some of the developments in 2016. WhatsApp launched video calls, YouTube started 4K live streaming and Snapchat introduced Spectacles. Operators have the unenviable task of delivering this data and managing subscriber Quality of Experience (QoE). To handle the ever-changing protocols mobile operators need Deep Packet Inspection (DPI) solutions that have evolved to be agile, accurate and virtualized. Existing DPI solutions are a dead piece of investment. The protocols and signatures they are looking out for now won’t even exist by the end of 2017.”
https://ecfsapi.fcc.gov/file/60002077715.pdf
>> MUST READ
https://www.federalregister.gov/documents/2016/12/02/2016-28006/protecting-the-privacy-of-customers-of-broadband-and-other-telecommunications-services
Comments