The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
HTTP/2 is a newly standardized protocol designed to efficiently utilize the TCP's transmission rate and has other advantages compared to HTTP/1.1. However its threat vectors are not completely understood yet. Our contribution in this paper is threefold. First we describe few new threat vectors of HTTP/2 which are Slow Rate DoS attacks and can be launched by injecting specially crafted HTTP requests. We perform an empirical evaluation of these attacks against popular web servers and report that majority of web servers are vulnerable to these attacks. We also test the effectiveness of proposed attacks using both clear text and encrypted HTTP/2 requests and find that the attack is effective independent of the request type. Second we compare structurally similar attacks with HTTP/1.1 and report that HTTP/2 has more threat vectors compared to its predecessor. Third we propose an anomaly detection scheme which uses chi-square (χ2) test between traffic profiles generated in normal and attack scenarios to detect these attacks.