Explore the intricacies of passive fingerprinting HTTP/2 clients in this informative conference talk from AppSecUSA 2017. Delve into the fundamental changes introduced by HTTP/2, a full binary protocol that replaces the plain-text HTTP/1.x. Discover how these changes have led to nuances in protocol implementations, enabling passive fingerprinting of web clients. Learn about the research based on over 10 million HTTP/2 connections, yielding fingerprints for more than 40,000 unique user agents across hundreds of implementations. Gain insights into HTTP/2's basic elements, the components chosen for fingerprint format, potential use cases, and usage statistics on Akamai's platform. Examine common HTTP/2 implementations and client fingerprints, assess HTTP/2 support among popular web security tools, and review real-world attacks observed on Akamai's platform. Benefit from the expertise of Elad Shuster, a Security Data Analyst at Akamai with over 10 years of experience in data analysis across various industries.
Syllabus
Passive Fingerprinting of HTTP/2 Clients - Elad Shuster - AppSecUSA 2017
Taught by
OWASP Foundation