Multi-Gbps HTTP Traffic Analysis in Commodity Hardware Based on Local Knowledge of TCP Streams
نویسندگان
چکیده
In this paper we propose and implement novel techniques for performance evaluation of web traffic (response time, response code, etc.), with no reassembly of the underlying TCP connection, which severely restricts the traffic analysis throughput. Furthermore, our proposed software for HTTP traffic analysis runs in standard hardware, which is very cost-effective. Besides, we present sub-TCP connection load balancing techniques that significantly increase throughput at the expense of losing very few HTTP transactions. Such techniques provide performance evaluation statistics which are indistinguishable from the singlethreaded alternative with full TCP connection reassembly.
منابع مشابه
Traffic Classification over Gbit Speed with Commodity Hardware
This paper discusses necessary components of a GPU-assisted traffic classification method, which is capable of multi-Gbps speeds on commodity hardware. The majority of the traffic classification is pushed to the GPU to offload the CPU, which then may serve other processing intensive tasks, e.g., traffic capture. The paper presents two massively parallelizable algorithms suitable for GPUs. The f...
متن کاملTICKETing High-Speed Traffic with Commodity Hardware and Software
While tcpdump is an invaluable monitoring tool that has held up remarkably well for over a decade, it is showing its age. Network speeds have recently outstripped the ability of ‘stock’ tcpdump running on commodity hardware to keep up with the network, rendering it incapable of monitoring traffic at gigabit-per-second (Gbps) speeds. Tests over Gigabit Ethernet showed that tcpdump could monitor ...
متن کاملIndexing Millions of Packets per Second using GPUs
Network traffic loggers are devices that record a recent window of the entire traffic in one or more network links. The traffic is stored in packet repositories that enable retrospective analyses, e.g., for forensic investigation. Traffic loggers deployed over very high-speed networks must process and store millions of packets per second using commodity hardware. To enable interactive explorati...
متن کاملArchitecture and Hardware for Scheduling Gigabit Packet Streams
We present an architecture and hardware for scheduling gigabit packet streams in server clusters that combines a Network Processor datapath and an FPGA for use in server NICs and server cluster switches. Our architectural framework can provide EDF, static-priority, fair-share and DWCS native scheduling support for besteffort and real-time streams. This allows – (i) interoperability of schedulin...
متن کاملTIFAflow: Enhancing Traffic Archiving System with Flow Granularity for Forensic Analysis in Network Security
The archiving of Internet traffic is an essential function for retrospective network event analysis and forensic computer communication. The state-of-the-art approach for network monitoring and analysis involves storage and analysis of network flow statistic. However, this approach loses much valuable information within the Internet traffic. With the advancement of commodity hardware, in partic...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computer Networks
دوره 113 شماره
صفحات -
تاریخ انتشار 2017