Deep Packet Inspection (DPI) plays a major role in contemporary networks. Specifically, in datacenters of content providers, the scanned data may be highly repetitive. Most DPI engines are based on identifying signatures in the packet payload. This pattern matching process is expensive both in memory and CPU resources, and thus, often becomes the bottleneck of the entire application. In this paper we show how DPI can be accelerated by leveraging repetitions in the inspected traffic. Our new mechanism makes use of these repetitions to allow the repeated data to be skipped rather than scanned again. The mechanism consists of a slow path, in which frequently repeated strings are identified and stored in a dictionary, along with some succinct information for accelerating the DPI process, and a data path, where the traffic is scanned byte by byte but strings from the dictionary, if encountered, are skipped. Upon skipping, the data path recovers to the state it would have been in had the scanning continued byte by byte. Our solution achieves a significant performance boost, especially when data is from the same content source (e.g., the same website). Our experiments show that for such cases, our solution achieves a throughput gain of 1.25-2.5 times the original throughput, when implemented in software.
|Title of host publication
|2015 IEEE Conference on Computer Communications, IEEE INFOCOM 2015
|Institute of Electrical and Electronics Engineers Inc.
|Number of pages
|Published - 21 Aug 2015
|34th IEEE Annual Conference on Computer Communications and Networks, IEEE INFOCOM 2015 - Hong Kong, Hong Kong
Duration: 26 Apr 2015 → 1 May 2015
|Proceedings - IEEE INFOCOM
|34th IEEE Annual Conference on Computer Communications and Networks, IEEE INFOCOM 2015
|26/04/15 → 1/05/15
Bibliographical notePublisher Copyright:
© 2015 IEEE.