Detecting semi active intra networks components Sat, Jul 30 2022 Research In theory, clients and servers communicate without having their application data tampered with. This is the famous end-to-end principle introduced by P. Baran in 1960. However, as A. Einstein previously mentioned, "In theory, theory and practice are the same. In practice, they are not” and computer networking is a perfect example of such an affirmation. A large quantity of devices in reality interfere with data sent across the network. These devices can be used for totally reasonable reasons; performance (load balancers, CDNs), security (proxies, firewalls) etc… However, these devices often
Fighting web scrapers bots Sat, Jul 30 2022 - Sun, Jul 30 2023 Research This project aims at finding new ways to detect and mitigate web scrapers attacking e-commerce websites such as Amadeus IT Group, company with which she closely collaborates. An ongoing battle has been running for more than a decade between e-commerce websites owners and web scrapers. Whenever one party finds a new technique to prevail, the other one comes up with a solution to defeat it. We are currently studying scrapers taking advantage of Residential IP Proxies (RESIP), the latest sophistication on the attackers side. RESIP parties enable scrapers to have access, for a fee, to a vast
Fingerprinting HTTP smuggling Sat, Jul 30 2022 - Sun, Jul 30 2023 Research The Hypertext Transfer Protocol (HTTP) is the foundation of the World Wide Web, and is used to load webpages and other resources using hypertext links. When clicking on a link, the user’s communicates with a backend server to ask for a webpage. The user expects to be connecting directly to the server delivering the page but, more often than not, its HTTP request is handled first by some sort of proxy machine, either for caching, load balancing or security reasons. This is an application layer proxy which will interpret the HTTP request and, possibly, modify it by inserting, removing, modifying
