# Multi-Gbps HTTP Traffic Analysis in Commodity Hardware Based on Local   Knowledge of TCP Streams

**Authors:** Carlos Vega, Paula Roquero, Javier Aracil

arXiv: 1701.04617 · 2017-01-18

## TL;DR

This paper introduces a high-throughput method for analyzing HTTP traffic on standard hardware by leveraging local TCP stream knowledge, avoiding TCP reassembly, and employing load balancing techniques to enhance performance with minimal data loss.

## Contribution

It presents novel, cost-effective techniques for HTTP traffic analysis that bypass TCP reassembly and utilize sub-connection load balancing to significantly improve throughput.

## Key findings

- Achieved multi-Gbps HTTP analysis on commodity hardware.
- Load balancing techniques maintain analysis accuracy with high throughput.
- Method reduces analysis latency and hardware costs.

## Abstract

In this paper we propose and implement novel techniques for performance evaluation of web traffic (response time, response code, etc.), with no reassembly of the underlying TCP connection, which severely restricts the traffic analysis throughput. Furthermore, our proposed software for HTTP traffic analysis runs in standard hardware, which is very cost-effective. Besides, we present sub-TCP connection load balancing techniques that significantly increase throughput at the expense of losing very few HTTP transactions. Such techniques provide performance evaluation statistics which are indistinguishable from the single-threaded alternative with full TCP connection reassembly.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1701.04617/full.md

## Figures

13 figures with captions in the complete paper: https://tomesphere.com/paper/1701.04617/full.md

## References

25 references — full list in the complete paper: https://tomesphere.com/paper/1701.04617/full.md

---
Source: https://tomesphere.com/paper/1701.04617