Deep Packet Inspection as a Service
Almost all middleboxes that deal with L7 protocols do Deep Packet Inspection (DPI). Today, traffic is inspected from scratch by all the middleboxes on its route. In this paper, we propose to treat DPI as a service to the middleboxes, implying that traffic should be scanned only once, but against the data of all middleboxes that use the service. The DPI service then passes the scan results to the appropriate middleboxes. Having DPI as a service has significant advantages in performance, scalability, robustness, and as a catalyst for innovation in the middlebox domain. Moreover, technologies and solutions for current Software Defined Networks (SDN) make it feasible to implement such a service and route traffic to and from its instances.
This work was published in ACM CoNEXT 2014, Sydney, Australia.