Effective Method to Protect Web Servers Against Breach Attacks
Abdusamatov Somon presents an effective method called HTB to protect web servers against breach attacks, focusing on secure computation and mitigation. The research addresses side-channel attacks based on compression and the CRIME BREACH issue, providing insights into implementing the breach attack and the HTB method to mitigate it.
HTB: A VERY EFFECTIVE METHOD TO PROTECT WEB SERVERS AGAINST BREACH ATTACK TO HTTPS
Presentation was made by: Abdusamatov Somon
Plan
1. Motivation
2. Problem
3. Method
4. Result
5. Conclusion
Motivation
Side-channel attacks
Side-channel attacks based on compression were first investigated by Kelsey in 2002.
In this research, the authors focus on secure computation.
This paper presents a mitigation called Heal the Breach (or HTB).
Problem
CRIME, BREACH
The server must use HTTP compression.
The website must reflect user-input in HTTP response body.
HTML code must include a secret token that could be used to impersonate the victim.
Example of webpage which reflects user-input in HTTP response body
Sample HTML code of the response.
Method
IMPLEMENTATION OF THE BREACH ATTACK
The Python program makes 2 requests for each hexadecimal character [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f] that can be used in the secret token.
Example: curl --header "Accept-Encoding: gzip" -o file.gz URL
https://apps.icai.comillas.edu/owa2/?canary=7 size 1606
https://apps.icai.comillas.edu/owa2/?canary=a size 1605
Huffman coding generates problems because of the variation of the frequency of the characters as more letters are added to the token string.
Two queries to find out if f is the next character in the secret token.
Heal the Breach (HTB) is the method to mitigate the BREACH attack
HTB produces a randomized response size by creating a fake filename in the header section of the gzip file format which is meaningless for the browser.
The implementation of the modified gzip library, called gzip_randomizer
gzip file structure. Example using filename abc.
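The fake-filename idea described above can be reproduced with Python's zlib and struct modules by writing the gzip header by hand. This is an added example, not the gzip_randomizer library or the authors' code; the function names, the 1 to 10 byte name length and the sample page are assumptions.

```python
import gzip
import secrets
import string
import struct
import zlib

FLG_FNAME = 0x08  # RFC 1952 FLG bit: a zero-terminated file name follows the header
ALPHABET = string.ascii_letters + string.digits


def gzip_member(body: bytes, fname: bytes = b"") -> bytes:
    """Build one gzip member by hand so the FNAME field can be controlled."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # raw DEFLATE, no zlib/gzip wrapper
    deflated = comp.compress(body) + comp.flush()
    flags = FLG_FNAME if fname else 0
    # ID1, ID2, CM=8 (deflate), FLG, MTIME=0, XFL=2 (max compression), OS=255 (unknown)
    header = struct.pack("<BBBBIBB", 0x1F, 0x8B, 8, flags, 0, 2, 255)
    name_field = fname + b"\x00" if fname else b""
    trailer = struct.pack("<II", zlib.crc32(body), len(body) & 0xFFFFFFFF)
    return header + name_field + deflated + trailer


def htb_gzip(body: bytes, max_pad: int = 10) -> bytes:
    """Compress body with a random fake file name of 1..max_pad bytes (max_pad is assumed)."""
    pad_len = 1 + secrets.randbelow(max_pad)
    fake_name = "".join(secrets.choice(ALPHABET) for _ in range(pad_len)).encode("ascii")
    return gzip_member(body, fake_name)


if __name__ == "__main__":
    # Constructed response body: reflected input plus a secret token (values are made up).
    page = b"<html><p>You searched for: canary=7</p><input name='canary' value='7f3a9c'></html>"
    print("without HTB:", {len(gzip_member(page)) for _ in range(20)})
    print("with HTB:   ", sorted({len(htb_gzip(page)) for _ in range(200)}))
    assert gzip.decompress(htb_gzip(page)) == page  # clients still decode it normally
```

The unprotected member always has the same length for the same body, while the HTB member's length varies from response to response by the length of the fake name plus its terminating zero byte.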
Error in the file size minimizes as a function of the number of queries while computing the mean value. Figure shows 4 experiments, all converging towards 1572.5.
Request from standard browser that accepts gzip encoding. Standard system without HTB protection.
Server uses gzip_randomizer (HTB protection) to modify the length of the gzip output.
Conclusion
Q&A