Abstract
Deep Packet Inspection (DPI) is a crucial tool that enables more accurate network management and traffic profiling. Its high computational demands have been pushing networking researchers to study how to improve DPI technologies. However, in this quest for better performance, little effort has been devoted to making fair performance comparisons among DPIs. Even worse, most studies show performance gains by applying DPI techniques using specific, and sometimes small, signature sets. Consequently, one DPI engine may report a certain maximum throughput while another one may report a similar performance but may have used a significantly smaller signature set. This fact makes it clear that the research community needs a well-defined framework for testing new DPI systems. This paper proposes a new framework for characterizing signature sets for evaluating DPI systems and provides an in-depth analysis of signature sets from application, protocol, and intrusion detection systems.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
