Deep Packet Inspection (DPI) engines rely highly on the operation environment i.e., the traffic mix they supposed to work with. A well performing DPI engine requires real-world traffic mixes to be tested on. Due to privacy issues real-world traffic is usually only available at the site of the network operator at a secure measurement point. Furthermore, in order to make signature update, performance tweaks, etc. of the DPI engine, real-like measurements are essential. In this paper we present a traffic generation framework that provides up-to-date traffic mixes continuously. The basic idea of the framework is to generate traffic based on automatic user behavior emulation. Real-world traffic measurements are processed to analyze and extract the most typical user behavior scenarios. Our proposed method uses these typical user behaviors for emulation of users on remote controlled hosts while the network traffic of the user equipment is recorded. As a final step, the framework can build high-speed multiplexed traces from the recorded data which mimic the behavior of real traffic. The characteristics of the constructed traffic compared to real world traffic measurements are also evaluated in the paper showing that the framework is able to generate realistic traffic traces that are both suitable for DPI testing and can be publicly distributed without any privacy concerns. The proof of concept implementation of the presented system is open to the public [1].

• 出版日期2015-12-9