Fingerprinting HTTP2 web pages

Detalhes bibliográficos
Autor(a) principal: Francisco Pedro Chorão Estevão
Data de Publicação: 2017
Tipo de documento: Dissertação
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: https://hdl.handle.net/10216/105546
Resumo: With the advent of HTTP2 it is no longer straightforward to collect HTTP web object sizes from a passive packet capture of Internet traffic. Web object size attack has been reported as effective in determining side-channel information such as which pages the user is requesting and in which order, which is detrimental to user privacy. Unlike HTTP/1.0 and HTTP/1.1, pipelining, response multiplexing, and server push are actually used which may compromise the correct identification of object sizes. The effect these mechanisms have on hindering the ability of the attacker to determine web object size depends on the web application that is generating traffic. This thesis will characterize the ability to determine web object sizes from HTTP2 packet captures for different web applications.
id RCAP_0380da0e7f5acc10c97b8c1a67d15c71
oai_identifier_str oai:repositorio-aberto.up.pt:10216/105546
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Fingerprinting HTTP2 web pagesEngenharia electrotécnica, electrónica e informáticaElectrical engineering, Electronic engineering, Information engineeringWith the advent of HTTP2 it is no longer straightforward to collect HTTP web object sizes from a passive packet capture of Internet traffic. Web object size attack has been reported as effective in determining side-channel information such as which pages the user is requesting and in which order, which is detrimental to user privacy. Unlike HTTP/1.0 and HTTP/1.1, pipelining, response multiplexing, and server push are actually used which may compromise the correct identification of object sizes. The effect these mechanisms have on hindering the ability of the attacker to determine web object size depends on the web application that is generating traffic. This thesis will characterize the ability to determine web object sizes from HTTP2 packet captures for different web applications.2017-07-052017-07-05T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfhttps://hdl.handle.net/10216/105546TID:201797895engFrancisco Pedro Chorão Estevãoinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-11-29T13:39:47Zoai:repositorio-aberto.up.pt:10216/105546Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T23:45:04.104659Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Fingerprinting HTTP2 web pages
title Fingerprinting HTTP2 web pages
spellingShingle Fingerprinting HTTP2 web pages
Francisco Pedro Chorão Estevão
Engenharia electrotécnica, electrónica e informática
Electrical engineering, Electronic engineering, Information engineering
title_short Fingerprinting HTTP2 web pages
title_full Fingerprinting HTTP2 web pages
title_fullStr Fingerprinting HTTP2 web pages
title_full_unstemmed Fingerprinting HTTP2 web pages
title_sort Fingerprinting HTTP2 web pages
author Francisco Pedro Chorão Estevão
author_facet Francisco Pedro Chorão Estevão
author_role author
dc.contributor.author.fl_str_mv Francisco Pedro Chorão Estevão
dc.subject.por.fl_str_mv Engenharia electrotécnica, electrónica e informática
Electrical engineering, Electronic engineering, Information engineering
topic Engenharia electrotécnica, electrónica e informática
Electrical engineering, Electronic engineering, Information engineering
description With the advent of HTTP2 it is no longer straightforward to collect HTTP web object sizes from a passive packet capture of Internet traffic. Web object size attack has been reported as effective in determining side-channel information such as which pages the user is requesting and in which order, which is detrimental to user privacy. Unlike HTTP/1.0 and HTTP/1.1, pipelining, response multiplexing, and server push are actually used which may compromise the correct identification of object sizes. The effect these mechanisms have on hindering the ability of the attacker to determine web object size depends on the web application that is generating traffic. This thesis will characterize the ability to determine web object sizes from HTTP2 packet captures for different web applications.
publishDate 2017
dc.date.none.fl_str_mv 2017-07-05
2017-07-05T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/masterThesis
format masterThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://hdl.handle.net/10216/105546
TID:201797895
url https://hdl.handle.net/10216/105546
identifier_str_mv TID:201797895
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799135767322165248

Registros relacionados