TY - GEN
T1 - Efficient processing of multi-connection compressed web traffic
AU - Afek, Yehuda
AU - Bremler-Barr, Anat
AU - Koral, Yaron
PY - 2011
Y1 - 2011
N2 - Compressing web traffic using standard GZIP is becoming both popular and challenging due to the huge increase in wireless web devices, where bandwidth is limited. Security and other content based networking devices are required to decompress the traffic of tens of thousands concurrent connections in order to inspect the content for different signatures. The major limiting factor in this process is the high memory requirements of 32KB per connection that leads to hundreds of megabytes to gigabytes of main memory consumption. This requirement inhibits most devices from handling compressed traffic, which in turn either limits traffic compression or introduces security holes and other dysfunctionalities. In this paper we introduce new algorithms and techniques that drastically reduce this space requirement by over 80%, with only a slight increase in the time overhead, thus making real-time compressed traffic inspection a viable option for network devices.
AB - Compressing web traffic using standard GZIP is becoming both popular and challenging due to the huge increase in wireless web devices, where bandwidth is limited. Security and other content based networking devices are required to decompress the traffic of tens of thousands concurrent connections in order to inspect the content for different signatures. The major limiting factor in this process is the high memory requirements of 32KB per connection that leads to hundreds of megabytes to gigabytes of main memory consumption. This requirement inhibits most devices from handling compressed traffic, which in turn either limits traffic compression or introduces security holes and other dysfunctionalities. In this paper we introduce new algorithms and techniques that drastically reduce this space requirement by over 80%, with only a slight increase in the time overhead, thus making real-time compressed traffic inspection a viable option for network devices.
KW - compressed http
KW - deep packet inspection
KW - network security
KW - pattern matching
UR - http://www.scopus.com/inward/record.url?scp=79956052942&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-20757-0_5
DO - 10.1007/978-3-642-20757-0_5
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:79956052942
SN - 9783642207563
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 52
EP - 65
BT - NETWORKING 2011 - 10th International IFIP TC 6 Networking Conference, Proceedings
T2 - 10th International IFIP TC 6 Networking Conference, NETWORKING 2011
Y2 - 9 May 2011 through 13 May 2011
ER -