Deep Packet Inspection: The Good, the Bad, and the Ugly

May 1, 2009March 2, 2013 / Christopher Parsons

In this post, I want to try to lay out where I see some of the Deep Packet Inspection (DPI) discussions. This is to clarify things in my head that I’ve been thinking through for the past couple of days and to lay out for readers some of the ‘bigger picture’ elements of the DPI discussion (as I read them). If you’ve been fervently following developments surrounding this technology, then a lot of what is below is just rehashing what you know – hopefully the summary is useful – but if you’re relatively unfamiliar with what’s been going on this might help to orient what’s been, and is being, said.

Participants and Themes

The uses of DPI appliances are regularly under fire by network neutrality advocates, privacy advocates, and people who are generally concerned about communication infrastructure. DPI lets network operators ‘penetrate’ data packets that are routed through their networks and this practice is ‘new’, insofar as prior networking appliances were generally prevented from inspecting the actual payload, or content, of the data packets that are shuttled across the ‘net. To make this a bit clearer, when you send email it is broken into a host of little packets that are reassembled at the destination; earlier networking appliances could determine the destination, the kind of file being transmitted (e.g. a .mov or .jpeg), and so forth but they couldn’t accurately identify what content was in the packet (e.g. the characters of an email message held within a packet). Using DPI, network operators can now (in theory) configure their DPI appliances to capture the actions that users perform online and ‘see’ what they are doing in real time.

Continue reading →

Three-Strikes to Banish Europeans and Americans from the ‘net?

March 29, 2009August 18, 2022 / Christopher Parsons

Throughout the Global North there are discussions on the table for introducing what are called ‘three-strikes’ rules that are designed to cut or, or hinder, people’s access to the Internet should they be caught infringing on copyright. In the EU, the big content cartel is trying to get ISPs to inspect consumer data flows and, when copywritten content is identified, ‘punish’ the individual in some fashion. Fortunately, it is looking that at least the EU Parliament is against imposing such rules on the basis that disconnecting individuals from the Internet would infringe on EU citizens’ basic rights. In an era where we are increasingly digitizing our records and basic communications infrastructure, it’s delightful to see a body in a major world power recognize the incredibly detrimental and over-reactionary behavior that the copyright cartel is calling for. Copyright infringement does not trump basic civil liberties.

Now, I expect that many readers would say something along this line: I don’t live in the EU, and the EU Parliament has incredibly limited powers. Who cares, this: (a) doesn’t affect me; (b) is unlikely to have a real impact on EU policy.

Continue reading →

Update: Associating Canadian ISPs with Anonymized Data Traffic Submissions

February 14, 2009March 2, 2013 / Christopher Parsons

I’ve just posted a document that draws together the CRTC’s February 4, 11, and 12 filings for PN 2008-19. The document ties ISPs with categories of anonymous data for easy reference, and is also meant to contextualize each data set by reproducing the questions that led ISPs to develop these data sets in the first place.

Items of note:

Responses to question 1 (a) show that, save for a single ISP, ISPs’ annual percentage growth of total traffic volume has decreased. ISPs required to anonymously submit data: Barrett, Bell Canada et al., Cogeco, MTS Allstream, QMI (Videotron), Rogers, Sasktel, Shaw, Telus.
Responses to question 1 (b) show that the percentage of HTTP/Streaming traffic has increased, two companies report that the percentage of P2P traffic has increased and two report it has decreased slightly, UDP traffic has increased slightly, and the “Other” category now accounts for a smaller percentage of total traffic than in the first months measured. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Bragg, Rogers, and Shaw.
Responses to 2 (a) reveal the annual percentage growth of monthly average usage per end-user. We find that growth is occurring on company networks, and that this growth has been uneven (e.g. Company A experienced 16% growth one year, 47% the next, and 13% in the final year). This suggests, to me, that developing an accurate forecast of expected bandwidth growth would be challenging. Without knowing what companies are associated with each data set, it is challenging for analysts to determine if Network Management Technologies might be responsible for the changes in growth rates. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Cogeco, MTS Allstream, QMI (Videotron), Rogers, and Telus.
Responses to 2 (b) discuss the percentage growth for ISPs’ top 5% and 10% users. Data for the top 5% shows that two companies experienced negative growth in 2007-2008, one only 2% growth in 2007-2008, and the last a 25% growth. Data for the top 10% shows that two companies experienced negative growth in 2007-2008, one 1% growth, and the last a 25% growth. ISPs required to anonymously submit data: Bell Canada et al. (for Bell Wireline), Cogeco, MTS Allstream, QMI (Videotron), Rogers, and Telus.
Responses to 2 (c) identify how much of the total traffic that top 5% and 10% users account for. Top 5% account for 37%-56% of total traffic. The top 10% account for 52%-74%. These are fairly damning numbers, given that they clearly demonstrate that massive proportions of the network are being used by a relatively small minority of users. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Bragg, Cogeco, MTS Allstream, Primus, QMI (Videotron), Rogers, Shaw, and Telus.
Responses to 2 (d) break down the application usage numbers for the top 5% and 10% of ISPs’ users. For the top 5% of users, HTTP/Streaming has remained relatively constant, P2P use decreased for only one company, UDP traffic is up, and “Other” traffic has decreased for two of three companies. For the top 10% of users, HTTP/Streaming traffic makes up a higher percentage of total traffic, in all but one case P2P traffic represents a larger percentage of total traffic, UDP is up, and “Other” is down for two of three companies. ISPs required to anonymously submit data: Bell Canada et al. (for Bell Wireline), Bragg, and Shaw.

Update: CRTC PN 2008-19 ISP Filing Summary Document

February 13, 2009 / Christopher Parsons

I’ve updated my initial ISP Filing Summary document with the information that ISPs provided on February 9, 2008 per the CRTC’s February 4, 2009 request. Updates to the document are made in blue. The updates to not include Videotron’s response to 1 (c).

I would maintain that the most interesting parts of was was released have been summarized in a post from two days ago, which was entitled “Update: CRTC PN 2008-19 Filings“. Tomorrow, I should be posting a document that correlates data the CRTC aggregated and anonymized with the ISPs who were required to release anonymized data. My hope is that this will make it a bit clearer who data might be associated with.

Technology, Thoughts & Trinkets

Touring the Digital Though Type

ISPs