NBAR Flash Tone Detection
To help combat world-wide congestion on the public Internet, Cisco has developed an extension to its Network-Based Application Recognition (NBAR) engine on IOS routers. The NBAR flash tone detection feature performs deep packet inspection (DPI) on supported protocols to detect pornographic images for (de)prioritization.
Flesh tones are the beige/brown colors common to human skin pigments. Images with a high percentage of pixels set to these colors carry a high probability of being pornographic in nature. NBAR flesh tone detection is able to process images carried by NBAR-supported protocols like HTTP and FTP and heuristically detect and mark packets carrying suspect image fragments for prioritization.
NBAR flesh tone detection, powered by Cisco's proprietary Flexible Advanced Pornographic Protocol Recognition (FAPPR) algorithm, currently supports JPG, PNG, TIFF, GIF, and animated GIF image formats of up to 2048x2048 pixels.
NBAR Flesh tone Detection Configuration:
Flesh tone detection is applied to a class map similar to any other NBAR match statement. A percentage of pixels must be specified between 1 and 100.
Router(config)# class-map hardcore
Router(config-cmap)# match flesh-tone percentage 75
At this point, the class map can be applied to an NBAR traffic policy to prioritize and/or mark traffic.
Router(config)# policy-map skintastic
Router(config-pmap)# class hardcore
Router(config-pmap-c)# priority percent 90
Router(config-pmap-c)# interface f0/0
Router(config-if)# service-policy input skintastic
|
