Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Passive Fingerprinting of HTTP/2 Clients

OWASP Foundation via YouTube

Overview

Explore the intricacies of passive fingerprinting HTTP/2 clients in this informative conference talk from AppSecUSA 2017. Delve into the fundamental changes introduced by HTTP/2, a full binary protocol that replaces the plain-text HTTP/1.x. Discover how these changes have led to nuances in protocol implementations, enabling passive fingerprinting of web clients. Learn about the research based on over 10 million HTTP/2 connections, yielding fingerprints for more than 40,000 unique user agents across hundreds of implementations. Gain insights into HTTP/2's basic elements, the components chosen for fingerprint format, potential use cases, and usage statistics on Akamai's platform. Examine common HTTP/2 implementations and client fingerprints, assess HTTP/2 support among popular web security tools, and review real-world attacks observed on Akamai's platform. Benefit from the expertise of Elad Shuster, a Security Data Analyst at Akamai with over 10 years of experience in data analysis across various industries.

Syllabus

Passive Fingerprinting of HTTP/2 Clients - Elad Shuster - AppSecUSA 2017

Taught by

OWASP Foundation

Reviews

Start your review of Passive Fingerprinting of HTTP/2 Clients

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.