HTB: A Very Effective Method to Protect Web Servers Against BREACH Attack to HTTPs

BREACH is a side-channel attack to HTTPS that allows an attacker obtain victims’ credentials under certain conditions. An with privileged position on the network can guess character by secret session key just analyzing size of responses returned server over and encrypted. Heal Breach (HTB) proposed technique mitigate randomly changing through modified gzip library. The needs precision one byte in be able determine if part token. Since library introduces randomness response, becomes ineffective. only way circumvent this protection make several requests compute average which minimizes random effect. Mathematical experimental results show that, for variation from 1 10 bytes, analyze 500 times more packages enough accuracy surpass mitigation. However, number increases it easier isolate block using standard Intrusion Detection Systems (IDS). Compared other mitigations, approach presented paper very effective, easy implement all websites hosted server, produces negligible increase normal traffic.