Yissum - Research Development Company of the Hebrew University

Deep Packet Inspection as a Service

Posted by Yissum - Research Development Company of the Hebrew UniversityResponsive · Innovative Products and Technologies · Israel

Summary of the technology

Deep Packet Inspection as a Service
Project ID : 10-2015-3126

Yissum - Research Development Company of the Hebrew University
Yissum - Research Development Company of the Hebrew University

Description of the technology


Computer Science and Engineering


DPI, Telecommunication

Current development stage

TRL4 Technology validated in lab


Middleboxes play a major role in Software Defined Networks (SDN) as forwarding compressed packets is not enough to meet operators demands in terms of security, QoS/QoE provisioning and load balancing. In current systems, Deep Packet Inspection (DPI) is a common task in many middleboxes and the most resource-consuming one.

Today, the traffic is usually routed through a chain of middleboxes before reaching its destination. The traffic is scanned over and over again by middleboxes with a DPI component. Even consolidated middlebox solutions perform DPI separately from scratch.

There is a need to offer a middlebox hardware as a services outside the network to consolidate multiple middleboxes and thus optimize network efficiency and reduce operating costs.

Our Innovation

This technology extracts the DPI engine from the different middleboxes and provides it as a service for various middleboxes in the network. This service is provided by deploying one or more service instances around the network, all controlled by a logically-centralized DPI Controller. Thus, a packet in such network would go through a single DPI service instance and then visit middleboxes according to its policy chain


  • Superior throughput and reduced memory footprint
  • Resource sharing as the hardware used for DPI is decoupled from the specific middlebox
  • Robustness and security due to avoiding concentrating the traffic in a single location
  • Single DPI scan per packet e.g. decompression or decryption is inspected only once for each packet

Figure 1 Examples of the chain middleboxes (a.k.a. policy chains with and withough DPI as a service)


Each packet that requires a DPI by any of the middleboxes on its policy chain is forwarded to the DPI service, where it is inspected only once. Then, the inspection results (namely, the patterns that were matched) are communicated to the corresponding middleboxes, either on the same packet (e.g., using NSH) or on a different packet.

The proposed framework relies heavily on virtualization and therefore includes both a virtual DPI service, which is instantiated across the network, and a DPI controller, whose role is to orchestrate the different DPI service instances. Making DPI a service has implications not only for the architecture and the system design of a middlebox that uses DPI, but also for the algorithmic aspects of the DPI engine (which is implemented by the virtual DPI service) itself. Specifically, the researchers present one such tailor-made algorithm that benefits from the flexibility of a virtual environment.

Figure 2 DPI as a Service, system architecture.The DPI controller abstracts the DPI process to other network elements and controls DPI service instances across the network. Packets flow through the network as dictated by policy chains.


  • Deploying DPI as a service is a catalyzer for innovation in the middlebox domain
  • Deep Packet Inspection as a Service will enhance network performance and flexibility, efficiency and robustness in SDN systems.

Project manager

Aviv Shoher

Project researchers

David Hay
HUJI, School of Computer Science and Engineering
Computer Science

Related keywords

  • Clean Industrial Technologies
  • Other (uncategorised)
  • Computer Science & Engineering
  • Web Technologies

About Yissum - Research Development Company of the Hebrew University

Technology Transfer Office from Israel

Yissum Research Development Company of the Hebrew University of Jerusalem Ltd. Founded in 1964 to protect and commercialize the Hebrew University’s intellectual property. Ranked among the top technology transfer companies, Yissum has registered over 8,900 patents covering 2,500 inventions; has licensed out 800 technologies and has spun-off 90 companies. Products that are based on Hebrew University technologies and were commercialized by Yissum generate today over $2 Billion in annual sales.

Send your request

By clicking "Send your request" you are signing up and accepting our Terms of Service and Privacy policy

Technology Offers on Innoget are directly posted and managed by its members as well as evaluation of requests for information. Innoget is the trusted open innovation and science network aimed at directly connect industry needs with professionals online.