CFP last date
20 May 2024
Call for Paper
June Edition
IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper
Know more
The week's pick
Responsive image
Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin
Random Articles
Reseach Article

Impact of Implementing HTTP/2 in Web Services

by Nagy Ramadan Darwish, Ihab Mohamed Abdelwahab
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 147 - Number 9
Year of Publication: 2016
Authors: Nagy Ramadan Darwish, Ihab Mohamed Abdelwahab
10.5120/ijca2016911182

Nagy Ramadan Darwish, Ihab Mohamed Abdelwahab . Impact of Implementing HTTP/2 in Web Services. International Journal of Computer Applications. 147, 9 ( Aug 2016), 27-32. DOI=10.5120/ijca2016911182

@article{ 10.5120/ijca2016911182,
author = { Nagy Ramadan Darwish, Ihab Mohamed Abdelwahab },
title = { Impact of Implementing HTTP/2 in Web Services },
journal = { International Journal of Computer Applications },
issue_date = { Aug 2016 },
volume = { 147 },
number = { 9 },
month = { Aug },
year = { 2016 },
issn = { 0975-8887 },
pages = { 27-32 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume147/number9/25683-2016911182/ },
doi = { 10.5120/ijca2016911182 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:51:28.892620+05:30
%A Nagy Ramadan Darwish
%A Ihab Mohamed Abdelwahab
%T Impact of Implementing HTTP/2 in Web Services
%J International Journal of Computer Applications
%@ 0975-8887
%V 147
%N 9
%P 27-32
%D 2016
%I Foundation of Computer Science (FCS), NY, USA
Abstract

HTTP/2 is the newest version of the HTTP1.1 protocol that was finalized in May 2015 and introduced as the IETF standard for web communication. HTTP/2 provides significant performance improvements by addressing well-known problems with HTTP/1.1 (e.g., head of line blocking and redundant headers) some of this features may have indirect impact in security. Also, HTTP/2 introduces new features like the default encryption which causes traffic hiding consequently affects a number of services (e.g., web Caching, Traffic classification).HTTP/2 may have some problems (vulnerabilities) like any new develop protocol lead to Denial of Service (DoS) attacks .The research try to figure out the pros and cons of the this new protocol version from different aspect specially security issues.

References
  1. R. Tuyl and S. Northcutt, “Practical Approach to Detecting and Preventing Web Application Attacks over HTTP/2 ", SANS Institute Reading Room site, April 6, 2016.
  2. S. Larsen and J. Villamil, “Attacking HTTP/2 Implementations”, Pacsec 2015.
  3. Peter Megyesi, Zsolt Kramer and Sandor Molnar, “ Comparison of web transfer protocols",
  4. "Turn-on HTTP/2 today!", [Online]. Available: https://http2.akamai.com/. [Accessed: 02- June- 2016].
  5. I.Sommerville, “Software Engineering”, 10th Edition, Chapter (1), ISBN-13: 9780133943276, PP. 4-26, 2016.
  6. I. Grigorik, “High Performance Browser Networking”, Chapter (12), ISBN: 978-1-4493-4476-4, PP. 214, September, 2013.
  7. E.Adi, Z. Baig, C.Lam and P. Hingston, “Low-Rate Denial-of-Service Attacks against HTTP/2 Services” The 5th International Conference on IT Convergence and Security, 17 May 2016.
  8. "7 Tips for Faster HTTP/2 Performance", 2015. [Online]. Available: https://www.nginx.com/blog/7-tips-for-faster-http2-performance/ .[Accessed: 30- June- 2016].
  9. M. Varvello, K. Schomp, D. Naylor, J .Blackburn, A. Finamore, and K. Papagiannaki , “Is The Web HTTP/2 Yet?” , Passive and Active Measurement Conference ,Volume 9631,  pp 233-247, 24 March 2016 .
  10. J. Maisonneuve, V. Gurbani, T. Fossati “The security pendulum”, Internet Architecture Board, August 2015.
  11. S. Winkel, C. Walker “Network Forensics and HTTP/2” , SANS Institute Reading Room site , December 27, 2015 .
  12. E.Adi, Z. Baig, C.Lam and P. Hingston , “Distributed denial-of-service attacks against HTTP/2 services” Cluster Computing ,  Volume 19, Issue 1, pp 79-86 , March 2016 .
  13. D.Naylor, A. Finamorey, I. Leontiadisz, Y. Grunenbergerz, M. Melliay, M. Munafòy, K. Papagiannakiz, and P. Steenkiste," The Cost of the “S” in HTTPS ", the 10th ACM International on Conference on emerging Networking Experiments and Technologies,pp 133-140,2014 .
  14. "A Simple Performance Comparison of HTTPS, SPDY and HTTP/2",2015. [Online]. Available: http://blog.httpwatch.com/2015/01/16/a-simple-performance-comparison-of-https-spdy-and-http2/comment-page-1/ . [Accessed: 30- June- 2016].
  15. "CloudFlare HTTP/2, Reload Demo “",2016. [Online]. Available: https://www.cloudflare.com/http2/ . [Accessed: 30- June- 2016].
  16. “Let’s Encrypt: Delivering SSL/TLS Everywhere”, 2014.]Available[Online],https://letsencrypt.org/2014/11/18/announcing-lets-encrypt.html. [Accessed: 30- June- 2016].
  17. K. Zarifis, M. Holland, M .Jain,E. Katz-Bassett, R. Govindan, “Modeling HTTP/2 Speed from HTTP/1 Traces”, Passive and Active Measurement Conference ,Volume 9631, pp 218-232, 24 March 2016.
  18. “SSL Cipher Suites, “2013. [Online]. “http://www.slideshare.net/tgbenson/ssl-overview-28892698/’. [Accessed: 03- August- 2016].
  19. N. Ramadan, I. Abdelwahed, “A Security Testing Framework for Scrum based Projects”. International Journal of Computer Applications, March2016.
Index Terms

Computer Science
Information Sciences

Keywords

DoS IETF Vulnerabilities Caching

Powered by PhDFocusTM