Network security services often inspect online communication sessions for potential security risks. For example, a Layer 7 security service may provide a traditional Transmission Control Protocol (TCP) proxy that performs a security inspection on a TCP session established between a server and a client. In this example, the security inspection may involve reassembling, buffering, and/or modifying a stream transferred between the server and client during the TCP session.
Unfortunately, this type of security inspection may lead to the consumption of a significant amount of resources. For example, the traditional TCP proxy may involve the server and/or client emulators saving packets, timers, and/or acknowledgements as well as performing retransmissions in order to facilitate this type of security inspection. The traditional TCP proxy, however, may fail to take into account whether the TCP session actually necessitates such an extensive security inspection.
The instant disclosure, therefore, identifies and addresses a need for improved systems, methods, and apparatuses for inspecting online communication sessions via polymorphic security proxies.