bfenetworks / bfe

A modern layer 7 load balancer from baidu
https://www.bfe-networks.net
Apache License 2.0

Proposal: Support HTTP2 fingerprint #1071

Closed deancn closed 2 years ago

deancn commented 2 years ago

Is your feature request related to a problem? Please describe.

In recent years, cyber security has been facing more and more issues. As a gateway component, BFE should consider and improve its security.
We can see that BFE is already integrated with JA3 (Salesforce), which is very good. But JA3 can be impersonated more and more easily.

We found a good solution this year, http2fingerprint (Akamai), and I have already used it, so I propose to implement it in BFE.

Demo: https://privacycheck.sec.lrz.de/passive/fp_h2/fp_http2.html#fpDemoHttp2

Describe the solution you'd like

Describe alternatives you've considered

Additional context

Reference Paper: https://www.blackhat.com/docs/eu-17/materials/eu-17-Shuster-Passive-Fingerprinting-Of-HTTP2-Clients-wp.pdf

A simple implementation by @xqbumu: https://github.com/bfenetworks/bfe/pull/1072

xqbumu commented 2 years ago

Here is an initial implementation:

https://github.com/xqbumu/bfe/compare/4f815116..feat/h2fp