I am researching intrusion detection systems (IDS) and deep packet inspections (DPI). For example, suppose a system in which values are passed to a validation system and the validation system validates the data passed (verifies anomalies, such as statistics, machine learning, etc.).
- Is the validation process called DPI, even if only the payload is examined?
- Is the screening process called network-based attack detection or something else?