Space efficient deep packet inspection of compressed web traffic

Yehuda Afek; Anat Bremler-Barr; Yaron Koral

doi:10.1016/j.comcom.2012.01.017

Space efficient deep packet inspection of compressed web traffic

Yehuda Afek, Anat Bremler-Barr, Yaron Koral

School of Computer Science

Tel Aviv University

Research output: Contribution to journal › Article › peer-review

Abstract

In this paper we focus on the process of deep packet inspection of compressed web traffic. The major limiting factor in this process imposed by the compression, is the high memory requirements of 32 KB per connection. This leads to the requirements of hundreds of megabytes to gigabytes of main memory on a multi-connection setting. We introduce new algorithms and techniques that drastically reduce this space requirement for such bump-in-the-wire devices like security and other content based networking tools. Our proposed scheme improves both space and time performance by almost 80% and over 40% respectively, thus making real-time compressed traffic inspection a viable option for networking devices.

Original language	English
Pages (from-to)	810-819
Number of pages	10
Journal	Computer Communications
Volume	35
Issue number	7
DOIs	https://doi.org/10.1016/j.comcom.2012.01.017
State	Published - 1 Apr 2012

Keywords

Compressed http
Deep packet inspection
Network security
Pattern matching

All Science Journal Classification (ASJC) codes

Computer Networks and Communications

Access to Document

10.1016/j.comcom.2012.01.017

Cite this

@article{acbe7b6aeddc4483b722a5465a8527f4,

title = "Space efficient deep packet inspection of compressed web traffic",

abstract = "In this paper we focus on the process of deep packet inspection of compressed web traffic. The major limiting factor in this process imposed by the compression, is the high memory requirements of 32 KB per connection. This leads to the requirements of hundreds of megabytes to gigabytes of main memory on a multi-connection setting. We introduce new algorithms and techniques that drastically reduce this space requirement for such bump-in-the-wire devices like security and other content based networking tools. Our proposed scheme improves both space and time performance by almost 80% and over 40% respectively, thus making real-time compressed traffic inspection a viable option for networking devices.",

keywords = "Compressed http, Deep packet inspection, Network security, Pattern matching",

author = "Yehuda Afek and Anat Bremler-Barr and Yaron Koral",

note = "Funding Information: The research leading to these results has received funding from the European Research Council under the European Union{\textquoteright}s Seventh Framework Programme ( FP7/2007-2013 )/ERC Grant agreement no 259085.",

year = "2012",

month = apr,

day = "1",

doi = "10.1016/j.comcom.2012.01.017",

language = "الإنجليزيّة",

volume = "35",

pages = "810--819",

journal = "Computer Communications",

issn = "0140-3664",

publisher = "Elsevier",

number = "7",

}

TY - JOUR

T1 - Space efficient deep packet inspection of compressed web traffic

AU - Afek, Yehuda

AU - Bremler-Barr, Anat

AU - Koral, Yaron

N1 - Funding Information: The research leading to these results has received funding from the European Research Council under the European Union’s Seventh Framework Programme ( FP7/2007-2013 )/ERC Grant agreement no 259085.

PY - 2012/4/1

Y1 - 2012/4/1

N2 - In this paper we focus on the process of deep packet inspection of compressed web traffic. The major limiting factor in this process imposed by the compression, is the high memory requirements of 32 KB per connection. This leads to the requirements of hundreds of megabytes to gigabytes of main memory on a multi-connection setting. We introduce new algorithms and techniques that drastically reduce this space requirement for such bump-in-the-wire devices like security and other content based networking tools. Our proposed scheme improves both space and time performance by almost 80% and over 40% respectively, thus making real-time compressed traffic inspection a viable option for networking devices.

AB - In this paper we focus on the process of deep packet inspection of compressed web traffic. The major limiting factor in this process imposed by the compression, is the high memory requirements of 32 KB per connection. This leads to the requirements of hundreds of megabytes to gigabytes of main memory on a multi-connection setting. We introduce new algorithms and techniques that drastically reduce this space requirement for such bump-in-the-wire devices like security and other content based networking tools. Our proposed scheme improves both space and time performance by almost 80% and over 40% respectively, thus making real-time compressed traffic inspection a viable option for networking devices.

KW - Compressed http

KW - Deep packet inspection

KW - Network security

KW - Pattern matching

UR - http://www.scopus.com/inward/record.url?scp=84858703663&partnerID=8YFLogxK

U2 - 10.1016/j.comcom.2012.01.017

DO - 10.1016/j.comcom.2012.01.017

M3 - مقالة

SN - 0140-3664

VL - 35

SP - 810

EP - 819

JO - Computer Communications

JF - Computer Communications

IS - 7

ER -

Space efficient deep packet inspection of compressed web traffic

Abstract

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this