Stateful traffic replay for web application proxies

Chun-Ying Huang*, Ying-Dar Lin, Peng Yu Liao, Yuan Cheng Lai

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

7 Scopus citations


It is a common practice to test a network device by replaying network traffic onto it and observe its reactions. Many replay tools support Transmission Control Protocol/Internet Protocol stateful traffic replay and hence can be used to test switches, routers, and gateway devices. However, they often fail if the device under test (DUT) is an application level proxy. In this paper, we design and implement ProxyReplay to replay application-layer traffic for network proxies. As many application proxies have built-in security functions, the main purpose of this tool is to evaluate the security functionalities of DUTs using payloads constructed from real network traces. ProxyReplay modifies requests and responses and maintains queues for request-response pairs to resolve the issues of protocol dependency, functional dependency, concurrent replay, and error resistance. The solution provides two replay modes, that is, the preprocess mode and the concurrent mode. Depending on the benchmark scenario, we show that the preprocess mode is better for benchmarking the performance capability of a DUT. In contrast, the concurrent mode is used when the replayed trace file is extremely large. Our experiments show 99% accuracy. In addition, the replay performance exceeds 320 Mbps by running the benchmark with an off-the-shelf personal computer in the preprocess mode.

Original languageEnglish
Pages (from-to)970-981
Number of pages12
JournalSecurity and Communication Networks
Issue number6
StatePublished - 1 Apr 2015


  • Application proxy
  • Real flow benchmarking
  • Traffic replay


Dive into the research topics of 'Stateful traffic replay for web application proxies'. Together they form a unique fingerprint.

Cite this