Impact of Implementing HTTP/2 in Web Services

HTTP/2 is the newest version of the HTTP1.1 protocol that was finalized in May 2015 and introduced as the IETF standard for web communication. HTTP/2 provides significant performance improvements by addressing well-known problems with HTTP/1.1 (e.g., head of line blocking and redundant headers) some of this features may have indirect impact in security. Also, HTTP/2 introduces new features like the default encryption which causes traffic hiding consequently affects a number of services (e.g., web Caching, Traffic classification).HTTP/2 may have some problems (vulnerabilities) like any new develop protocol lead to Denial of Service (DoS) attacks .The research try to figure out the pros and cons of the this new protocol version from different aspect specially security issues.

[1]  Zubair A. Baig,et al.  Low-Rate Denial-of-Service Attacks against HTTP/2 Services , 2015, 2015 5th International Conference on IT Convergence and Security (ICITCS).

[2]  Konstantina Papagiannaki,et al.  Is the Web HTTP/2 Yet? , 2016, PAM.

[3]  Ramesh Govindan,et al.  Modeling HTTP/2 Speed from HTTP/1 Traces , 2016, PAM.

[4]  Zubair A. Baig,et al.  Distributed denial-of-service attacks against HTTP/2 services , 2016, Cluster Computing.

[5]  Yan Grunenberger,et al.  The Cost of the "S" in HTTPS , 2014, CoNEXT.

[6]  Nagy Ramadan Darwish,et al.  A Security Testing Framework for Scrum based Projects , 2016 .

[7]  Nagy Ramadan,et al.  A Security Testing Framework for Scrum based Projects , 2016 .

[8]  Vijay K. Gurbani,et al.  The security pendulum , 2015 .

[9]  Bruce McMillin,et al.  Software engineering: What is it? , 2018, 2018 IEEE Aerospace Conference.