Deep packet inspection to identify Bitcoin network activity

September 06, 2017 // By Julien Happich
Rohde & Schwarz Cybersecurity's deep packet inspection (DPI) engine R&S PACE 2 has been enhanced with a new Bitcoin protocol classification functionality that enables enterprises to identify, control and block bitcoin transactions within a network.

The OEM software solution is now able to reliably detect and classify the Bitcoin protocol in network traffic in real time.
Bitcoin transactions are made peer-to-peer and are written directly on a distributed ledger named “blockchain”. The digital money is issued and managed without any central authority – meaning no governments or banks are involved. The virtual money can be exchanged for other currencies, products and services and shopping web sites accept cryptocurrencies as a method of payment.

Vendors embedding the DPI engine in their network security and analytics solutions are now able to classify Bitcoin transactions within IP-based network traffic in order to fully understand how a network is utilized. They can then implement security policies accordingly, with increased visibility and control over potential security risks related to Bitcoin transactions.
The DPI software library R&S PACE 2 also provides reliable detection and classification of thousands of applications and protocols by combining deep packet inspection and behavioural traffic analysis – regardless of whether the protocols use advanced obfuscation, port-hopping techniques or encryption. DPI is needed everywhere in the network where intelligent decisions need to be made based on the nature of IP traffic, whether it is wanted or unwanted traffic, good or malicious.
Rohde & Schwarz Cybersecurity GmbH -