PPP: Towards Parallel Protocol Parsing

Network traffic classification plays an important role and benefits many practical network issues, such as Next-Generation Firewalls (NGFW), Quality of Service (QoS), etc. To face the challenges brought by modern high speed networks, many inspiring solutions have been proposed to enhance traffic classification. However, taking many factual network conditions into consideration, e.g., diversity of network environment, traffic classification methods based on Deep Inspection (DI) technique still occupy the top spot in actual usage. In this paper, we propose a novel classification system employing Deep Inspection technique, aiming to achieve Parallel Protocol Parsing (PPP). We start with an analytical study of the existing popular DI methods, namely, regular expression based methods and protocol parsing based methods. Motivated by their relative merits, we extend traditional protocol parsers to achieve parallel matching, which is the representative merit of regular expression. We build a prototype system, and evaluation results show that significant improvement has been made comparing to existing open-source solutions in terms of both memory usage and throughput.