Efficient processing of multi-connection compressed web traffic

Yehuda Afek*, Anat Bremler-Barr, Yaron Koral

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Compressing web traffic using standard GZIP is becoming both popular and challenging due to the huge increase in wireless web devices, where bandwidth is limited. Security and other content based networking devices are required to decompress the traffic of tens of thousands concurrent connections in order to inspect the content for different signatures. The major limiting factor in this process is the high memory requirements of 32KB per connection that leads to hundreds of megabytes to gigabytes of main memory consumption. This requirement inhibits most devices from handling compressed traffic, which in turn either limits traffic compression or introduces security holes and other dysfunctionalities. In this paper we introduce new algorithms and techniques that drastically reduce this space requirement by over 80%, with only a slight increase in the time overhead, thus making real-time compressed traffic inspection a viable option for network devices.

Original languageEnglish
Title of host publicationNETWORKING 2011 - 10th International IFIP TC 6 Networking Conference, Proceedings
Number of pages14
EditionPART 1
StatePublished - 2011
Event10th International IFIP TC 6 Networking Conference, NETWORKING 2011 - Valencia, Spain
Duration: 9 May 201113 May 2011

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
NumberPART 1
Volume6640 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference10th International IFIP TC 6 Networking Conference, NETWORKING 2011


  • compressed http
  • deep packet inspection
  • network security
  • pattern matching


Dive into the research topics of 'Efficient processing of multi-connection compressed web traffic'. Together they form a unique fingerprint.

Cite this