This section is intended to provide a background or context to the disclosed embodiments. The description herein may include concepts that could be pursued, but are not necessarily ones that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, what is described in this section is not prior art to the description and claims in this application and is not admitted to be prior art by inclusion in this section.
In a packet-switched communications network, packets are the basic unit of communication, and consist of two parts: headers which carry signaling information to establish and maintain a communication channel, and a payload which carries the communication content. Many traditional methods in network security rely on so-called deep-packet inspection (DPI) mechanisms that analyze the payloads of network packets to seek the presence of content patterns of interest.
Current trends in digital network communications are beginning to render DPI ineffective. When a communications channel is encrypted end-to-end, then network-based DPI mechanisms are ineffective. Encryption effectively randomized packet payloads and hence renders them immune from interpretation or analysis.