A fully automated deep packet inspection verification system with machine learning

Abstract

Deep Packet Inspection (DPI) technique has become very important for traffic detection and resource management in core networks. DPI systems use unique byte patterns as signatures to detect application traffic. Applications frequently update their version to add new features and/or to bypass firewall/DPI systems. Thus, an accurate DPI system needs to periodically verify existing signatures and update them if required. The manual task of application traffic generation and verification on multiple platforms is very tedious and error-prone. We propose a fully automated DPI verification system with machine learning techniques for periodic DPI signature verification and update. Automated mobile application traffic generation is achieved by open source tools GUITAR and Appium. Signature verification and new signature pattern suggestion from undetected flows are achieved by well-known and custom made machine learning algorithms, thus completing full signature verification and update cycle. Initial test results show that our solution saves lot of man hours and detects signature update in shortest possible time.