{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T04:08:23Z","timestamp":1750133303457,"version":"3.41.0"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030781194"},{"type":"electronic","value":"9783030781200"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-78120-0_22","type":"book-chapter","created":{"date-parts":[[2021,6,17]],"date-time":"2021-06-17T05:02:49Z","timestamp":1623906169000},"page":"332-347","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Less is Often More: Header Whitelisting as Semantic Gap Mitigation in HTTP-Based Software Systems"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0138-366X","authenticated-orcid":false,"given":"Andre","family":"B\u00fcttner","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6540-5389","authenticated-orcid":false,"given":"Hoai Viet","family":"Nguyen","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7360-8314","authenticated-orcid":false,"given":"Nils","family":"Gruschka","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7863-0622","authenticated-orcid":false,"given":"Luigi","family":"Lo Iacono","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,6,15]]},"reference":[{"key":"22_CR1","unstructured":"Bijjou, K.: Web application firewall bypassing - how to defeat the blue team (2015). https:\/\/owasp.org\/www-pdf-archive\/OWASP_Stammtisch_Frankfurt_-_Web_Application_Firewall_Bypassing_-_how_to_defeat_the_blue_team_-_2015.10.29.pdf"},{"key":"22_CR2","unstructured":"BitK: I found another way to do HTTP smuggling. https:\/\/twitter.com\/BitK_\/status\/1351587043814604805"},{"issue":"2","key":"22_CR3","doi-asserted-by":"publisher","first-page":"233","DOI":"10.3233\/JCS-181149","volume":"27","author":"S Calzavara","year":"2019","unstructured":"Calzavara, S., Rabitti, A., Bugliesi, M.: Sub-session hijacking on the web: root causes and prevention. J. Comput. Secur. 27(2), 233\u2013257 (2019)","journal-title":"J. Comput. Secur."},{"key":"22_CR4","doi-asserted-by":"crossref","unstructured":"Chen, J., Jiang, J., Duan, H., Weaver, N., Wan, T., Paxson, V.: Host of troubles: multiple host ambiguities in http implementations. In: 23th ACM SIGSAC Conference on Computer and Communications Security (CCS) (2016)","DOI":"10.1145\/2976749.2978394"},{"key":"22_CR5","doi-asserted-by":"crossref","unstructured":"Clincy, V., Shahriar, H.: Web application firewall: network security models and configuration. In: IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC) (2018)","DOI":"10.1109\/COMPSAC.2018.00144"},{"key":"22_CR6","unstructured":"Consortium, W.A.S., et al.: Web application firewall evaluation criteria, version 1.0 (2006)"},{"key":"22_CR7","unstructured":"Davison, N.: Abusing http hop-by-hop request headers (2019). https:\/\/nathandavison.com\/blog\/abusing-http-hop-by-hop-request-headers"},{"key":"22_CR8","unstructured":"Dermann, M., et al.: Best practices: use of web application firewalls. Technical report, The Open Web Application Security Project (2008)"},{"key":"22_CR9","doi-asserted-by":"crossref","unstructured":"Desmet, L., Piessens, F., Joosen, W., Verbaeten, P.: Bridging the gap between web application firewalls and web applications. In: 4th ACM Workshop on Formal methods in Security (2006)","DOI":"10.1145\/1180337.1180344"},{"issue":"4","key":"22_CR10","doi-asserted-by":"publisher","first-page":"421","DOI":"10.1016\/j.comnet.2004.02.008","volume":"45","author":"MD Dikaiakos","year":"2004","unstructured":"Dikaiakos, M.D.: Intermediary infrastructures for the World Wide Web. Comput. Netw. 45(4), 421\u2013447 (2004)","journal-title":"Comput. Netw."},{"key":"22_CR11","doi-asserted-by":"crossref","unstructured":"Fielding, R., et al.: Hypertext Transfer Protocol - HTTP\/1.1. RFC 2616, IETF (1999). https:\/\/tools.ietf.org\/html\/rfc2616","DOI":"10.17487\/rfc2616"},{"key":"22_CR12","doi-asserted-by":"crossref","unstructured":"Fielding, R., Reschke, J.: Hypertext Transfer Protocol (HTTP\/1.1): Message Syntax and Routing. RFC 7230, IETF (2014). https:\/\/tools.ietf.org\/html\/rfc7230","DOI":"10.17487\/rfc7230"},{"key":"22_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"363","DOI":"10.1007\/978-3-319-68167-2_24","volume-title":"Automated Technology for Verification and Analysis","author":"P Ganty","year":"2017","unstructured":"Ganty, P., K\u00f6pf, B., Valero, P.: A language-theoretic view on network protocols. In: D\u2019Souza, D., Narayan Kumar, K. (eds.) ATVA 2017. LNCS, vol. 10482, pp. 363\u2013379. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-68167-2_24"},{"key":"22_CR14","unstructured":"Gil, O.: WEB CACHE DECEPTION ATTACK. In: Blackhat USA (2017). https:\/\/blogs.akamai.com\/2017\/03\/on-web-cache-deception-attacks.html"},{"key":"22_CR15","doi-asserted-by":"crossref","unstructured":"Guo, R., et al.: CDN judo: breaking the CDN DoS protection with itself. In: Network and Distributed System Security Symposium (NDSS) (2020)","DOI":"10.14722\/ndss.2020.24411"},{"key":"22_CR16","unstructured":"Hacker, A.J.: Importance of Web Application Firewall Technology for Protecting Web-based Resources. ICSA Labs an Independent Verizon Business, p. 7 (2008)"},{"issue":"2","key":"22_CR17","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1023\/A:1018688808734","volume":"15","author":"S Hubbard","year":"1997","unstructured":"Hubbard, S., Sager, J.: Firewalling the net. BT Technol. J. 15(2), 94\u2013106 (1997)","journal-title":"BT Technol. J."},{"key":"22_CR18","unstructured":"IANA functions: Message headers (2020). https:\/\/www.iana.org\/assignments\/message-headers\/message-headers.xhtml"},{"key":"22_CR19","unstructured":"Imperva: Transparent reverse proxy (2020). https:\/\/docs.imperva.com\/bundle\/v14.1-administration-guide\/page\/7200.htm"},{"key":"22_CR20","unstructured":"Jeremy, D., Hils, A., Kaur, R., Watts, J.: Critical capabilities for cloud web application firewall services (2020). https:\/\/www.gartner.com\/doc\/reprints?id=1-1XO56V9N&ct=191022"},{"key":"22_CR21","unstructured":"Keromytis, A.D., Wright, J.L.: Transparent network security policy enforcement. In: USENIX Annual Technical Conference, FREENIX Track, pp. 215\u2013226 (2000)"},{"key":"22_CR22","unstructured":"Kettle, J.: Http desync attacks: Request smuggling reborn (2019). https:\/\/portswigger.net\/research\/http-desync-attacks-request-smuggling-reborn"},{"key":"22_CR23","unstructured":"Klein, A.: Divide and conquer - http response splitting, web cache poisoning attacks, and related topics (2004). https:\/\/dl.packetstormsecurity.net\/papers\/general\/whitepaper_httpresponse.pdf"},{"key":"22_CR24","doi-asserted-by":"crossref","unstructured":"Klein, A.: Http request smuggling in 2020 - new variants, new defenses and new challenges (2020). https:\/\/i.blackhat.com\/USA-20\/Wednesday\/us-20-Klein-HTTP-Request-Smuggling-In-2020-New-Variants-New-Defenses-And-New-Challenges-wp.pdf","DOI":"10.1016\/S0262-4079(20)31488-3"},{"key":"22_CR25","unstructured":"Kogi, E., Kerman, D.: HTTP desync attacks in the wild and how to defend against them (2019). https:\/\/www.imperva.com\/blog\/http-desync-attacks-and-defence-methods\/"},{"key":"22_CR26","doi-asserted-by":"publisher","unstructured":"Levine, J.R.: DNS Blacklists and Whitelists. RFC 5782 (2010). https:\/\/doi.org\/10.17487\/RFC5782. https:\/\/rfc-editor.org\/rfc\/rfc5782.txt","DOI":"10.17487\/RFC5782"},{"key":"22_CR27","unstructured":"Linhart, C., Klein, A., Heled, R., Steve, O.: Http request smuggling (2005). https:\/\/www.cgisecurity.com\/lib\/HTTP-Request-Smuggling.pdf"},{"key":"22_CR28","unstructured":"Lo, J.: Whitelisting for Cyber Security: What It Means for Consumers. Public Interest Advocacy Centre (2011)"},{"key":"22_CR29","unstructured":"Ltd., P.: Access control vulnerabilities and privilege escalation (2020). https:\/\/portswigger.net\/web-security\/access-control"},{"key":"22_CR30","unstructured":"Mirheidari, S.A., Arshad, S., Onarlioglu, K., Crispo, B., Kirda, E., Robertson, W.: Cached and confused: web cache deception in the wild. In: 29th USENIX Security Symposium (USENIX Security) (2020)"},{"key":"22_CR31","doi-asserted-by":"crossref","unstructured":"Nguyen, H.V., Lo Iacono, L., Federrath, H.: Your cache has fallen: cache-poisoned denial-of-service attack. In: 26th ACM Conference on Computer and Communications Security (CCS) (2019)","DOI":"10.1145\/3319535.3354215"},{"key":"22_CR32","unstructured":"OWASP Foundation: OWASP top ten web application security risks (2020). https:\/\/owasp.org\/www-project-top-ten\/"},{"key":"22_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1007\/978-3-642-23300-5_23","volume-title":"Availability, Reliability and Security for Business, Enterprise and Health Information Systems","author":"D Pa\u0142ka","year":"2011","unstructured":"Pa\u0142ka, D., Zachara, M.: Learning web application firewall - benefits and caveats. In: Tjoa, A.M., Quirchmayr, G., You, I., Xu, L. (eds.) CD-ARES 2011. LNCS, vol. 6908, pp. 295\u2013308. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-23300-5_23"},{"issue":"9","key":"22_CR34","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/PROC.1975.9939","volume":"63","author":"JH Saltzer","year":"1975","unstructured":"Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proc. IEEE 63(9), 1278\u20131308 (1975)","journal-title":"Proc. IEEE"},{"issue":"4","key":"22_CR35","first-page":"455","volume":"17","author":"A Shahzad","year":"2013","unstructured":"Shahzad, A., Hussain, M., Khan, M.N.A.: Protecting from zero-day malware attacks. Middle East J. Sci. Res. 17(4), 455\u2013464 (2013)","journal-title":"Middle East J. Sci. Res."},{"key":"22_CR36","doi-asserted-by":"publisher","unstructured":"Torrano-Gimenez, C., Perez-Villegas, A., Alvarez, G.: A Self-learning anomaly-based web application firewall. In: Herrero, A., Gastaldo, P., Zunino, R., Corchado, E. Computational Intelligence in Security for Information Systems, pp. 85\u201392. Advances in Intelligent and Soft Computing, Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04091-7_11","DOI":"10.1007\/978-3-642-04091-7_11"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-78120-0_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,16]],"date-time":"2025-06-16T22:03:16Z","timestamp":1750111396000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-78120-0_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030781194","9783030781200"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-78120-0_22","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"15 June 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on ICT Systems Security and Privacy Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Oslo","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Norway","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 June 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"36","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sec2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.ifipsec.org\/2021\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"112","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}