{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T19:05:07Z","timestamp":1757617507719,"version":"3.44.0"},"publisher-location":"Cham","reference-count":55,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031859595"},{"type":"electronic","value":"9783031859601"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-85960-1_7","type":"book-chapter","created":{"date-parts":[[2025,3,6]],"date-time":"2025-03-06T07:24:21Z","timestamp":1741245861000},"page":"155-181","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["HTTP Conformance vs. Middleboxes: Identifying Where the\u00a0Rules Actually Break Down"],"prefix":"10.1007","author":[{"given":"Ilies","family":"Benhabbour","sequence":"first","affiliation":[]},{"given":"Mahmoud","family":"Attia","sequence":"additional","affiliation":[]},{"given":"Marc","family":"Dacier","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,3,7]]},"reference":[{"key":"7_CR1","unstructured":"6sense: Content delivery network (CDN) (2024). https:\/\/6sense.com\/tech\/content-delivery-network-cdn. Accessed 26 Sept 2024"},{"key":"7_CR2","unstructured":"Adamczyk, P., Hafiz, M., Johnson, R.E.: Non-compliant and proud: a case study of http compliance (2008). https:\/\/www.ideals.illinois.edu\/items\/11454. Accessed 26 Sept 2024"},{"key":"7_CR3","unstructured":"Alonso, J.F., Dalby, K.: Github - juanfont\/headscale: an open source, self-hosted implementation of the tailscale control server (2024). https:\/\/github.com\/juanfont\/headscale. Accessed 21 July 2024"},{"key":"7_CR4","doi-asserted-by":"crossref","unstructured":"Barik, R., Welzl, M., Elmokashfi, A.M., Gjessing, S., Islam, S.: fling: a flexible ping for middlebox measurements. In: 2017 29th International Teletraffic Congress (ITC 29), vol.\u00a01, pp. 134\u2013142. IEEE (2017)","DOI":"10.23919\/ITC.2017.8064349"},{"key":"7_CR5","doi-asserted-by":"publisher","unstructured":"Belshe, M., Peon, R., Thomson, M.: Hypertext transfer protocol version 2 (HTTP\/2). RFC 7540 (2015). https:\/\/doi.org\/10.17487\/RFC7540, https:\/\/www.rfc-editor.org\/info\/rfc7540","DOI":"10.17487\/RFC7540"},{"key":"7_CR6","unstructured":"Belson, D.: Cloudflare 2023 year in review\u2014blog.cloudflare.com (2023). https:\/\/blog.cloudflare.com\/radar-2023-year-in-review\/. Accessed 14 Sept 2024"},{"issue":"1","key":"7_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.5604\/01.3001.0016.1461","volume":"1","author":"I Benhabbour","year":"2022","unstructured":"Benhabbour, I., Dacier, M.: Nopasaran: a novel platform for analysing semi-active elements in routes across a network. Appl. Cybersecuri. Internet Govern. 1(1), 1\u201325 (2022)","journal-title":"Appl. Cybersecuri. Internet Govern."},{"key":"7_CR8","doi-asserted-by":"publisher","unstructured":"Bishop, M.: HTTP\/3. RFC 9114 (2022). https:\/\/doi.org\/10.17487\/RFC9114, https:\/\/www.rfc-editor.org\/info\/rfc9114","DOI":"10.17487\/RFC9114"},{"key":"7_CR9","doi-asserted-by":"publisher","unstructured":"Bradner, S.O.: Key words for use in RFCs to indicate requirement levels. RFC 2119 (1997). https:\/\/doi.org\/10.17487\/RFC2119, https:\/\/www.rfc-editor.org\/info\/rfc2119","DOI":"10.17487\/RFC2119"},{"key":"7_CR10","doi-asserted-by":"publisher","unstructured":"Brim, S.W., Carpenter, B.E.: Middleboxes: taxonomy and issues. RFC 3234 (2002). https:\/\/doi.org\/10.17487\/RFC3234, https:\/\/www.rfc-editor.org\/info\/rfc3234","DOI":"10.17487\/RFC3234"},{"key":"7_CR11","doi-asserted-by":"publisher","first-page":"103051","DOI":"10.1016\/j.cose.2022.103051","volume":"125","author":"E Chatzoglou","year":"2023","unstructured":"Chatzoglou, E., Kouliaridis, V., Kambourakis, G., Karopoulos, G., Gritzalis, S.: A hands-on gaze on HTTP\/3 security through the lens of HTTP\/2 and a public dataset. Comput. Secur. 125, 103051 (2023)","journal-title":"Comput. Secur."},{"key":"7_CR12","doi-asserted-by":"crossref","unstructured":"Chen, J., Jiang, J., Duan, H., Weaver, N., Wan, T., Paxson, V.: Host of troubles: multiple host ambiguities in http implementations. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1516\u20131527 (2016)","DOI":"10.1145\/2976749.2978394"},{"key":"7_CR13","doi-asserted-by":"crossref","unstructured":"Chung, T., Choffnes, D., Mislove, A.: Tunneling for transparency: a large-scale analysis of end-to-end violations in the internet. In: Proceedings of the 2016 Internet Measurement Conference, pp. 199\u2013213 (2016)","DOI":"10.1145\/2987443.2987455"},{"issue":"4","key":"7_CR14","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1145\/2740070.2626321","volume":"44","author":"R Craven","year":"2014","unstructured":"Craven, R., Beverly, R., Allman, M.: A middlebox-cooperative TCP for a non end-to-end internet. ACM SIGCOMM Comput. Commun. Rev. 44(4), 151\u2013162 (2014)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"7_CR15","doi-asserted-by":"crossref","unstructured":"Detal, G., Hesmans, B., Bonaventure, O., Vanaubel, Y., Donnet, B.: Revealing middlebox interference with tracebox. In: Proceedings of the 2013 Conference on Internet Measurement Conference, pp.\u00a01\u20138 (2013)","DOI":"10.1145\/2504730.2504757"},{"key":"7_CR16","doi-asserted-by":"crossref","unstructured":"Edeline, K., Donnet, B.: A bottom-up investigation of the transport-layer ossification. In: 2019 Network Traffic Measurement and Analysis Conference (TMA), pp. 169\u2013176. IEEE (2019)","DOI":"10.23919\/TMA.2019.8784690"},{"key":"7_CR17","doi-asserted-by":"publisher","unstructured":"Fielding, R.T., Nielsen, H., Mogul, J., Gettys, J., Berners-Lee, T.: Hypertext transfer protocol \u2013 HTTP\/1.1. RFC 2068 (1997). https:\/\/doi.org\/10.17487\/RFC2068, https:\/\/www.rfc-editor.org\/info\/rfc2068","DOI":"10.17487\/RFC2068"},{"key":"7_CR18","doi-asserted-by":"publisher","unstructured":"Fielding, R.T., Nottingham, M., Reschke, J.: Hypertext transfer protocol (HTTP\/1.1): caching. RFC 7234 (2014). https:\/\/doi.org\/10.17487\/RFC7234, https:\/\/www.rfc-editor.org\/info\/rfc7234","DOI":"10.17487\/RFC7234"},{"key":"7_CR19","doi-asserted-by":"publisher","unstructured":"Fielding, R.T., Nottingham, M., Reschke, J.: HTTP caching. RFC 9111 (2022). https:\/\/doi.org\/10.17487\/RFC9111, https:\/\/www.rfc-editor.org\/info\/rfc9111","DOI":"10.17487\/RFC9111"},{"key":"7_CR20","doi-asserted-by":"publisher","unstructured":"Fielding, R.T., Nottingham, M., Reschke, J.: HTTP\/1.1. RFC 9112 (2022). https:\/\/doi.org\/10.17487\/RFC9112, https:\/\/www.rfc-editor.org\/info\/rfc9112","DOI":"10.17487\/RFC9112"},{"key":"7_CR21","unstructured":"Gil, O.: Web cache deception attack. Black Hat USA (2017). https:\/\/www.blackhat.com\/docs\/us-17\/wednesday\/us-17-Gil-Web-Cache-Deception-Attack-wp.pdf. Accessed 26 Sept 2024"},{"key":"7_CR22","unstructured":"Heled, R.: HTTP request smuggling (2005). https:\/\/www.cgisecurity.com\/lib\/HTTP-Request-Smuggling.pdf. Accessed 26 Sept 2024"},{"issue":"1","key":"7_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3595290","volume":"1","author":"F Hilal","year":"2023","unstructured":"Hilal, F., Gasser, O.: Yarrpbox: detecting middleboxes at internet-scale. Proc. ACM Netw. 1(1), 1\u201323 (2023)","journal-title":"Proc. ACM Netw."},{"key":"7_CR24","doi-asserted-by":"crossref","unstructured":"Honda, M., Nishida, Y., Raiciu, C., Greenhalgh, A., Handley, M., Tokuda, H.: Is it still possible to extend TCP? In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, pp. 181\u2013194 (2011)","DOI":"10.1145\/2068816.2068834"},{"key":"7_CR25","doi-asserted-by":"crossref","unstructured":"Huang, S., Cuadrado, F., Uhlig, S.: Middleboxes in the internet: a HTTP perspective. In: 2017 Network Traffic Measurement and Analysis Conference (TMA), pp.\u00a01\u20139. IEEE (2017)","DOI":"10.23919\/TMA.2017.8002906"},{"key":"7_CR26","unstructured":"Ierymenko, A., Henry, J.: Github - zerotier\/zerotierone: a smart ethernet switch for earth (2024). https:\/\/github.com\/zerotier\/ZeroTierOne. Accessed 21 July 2024"},{"key":"7_CR27","unstructured":"Ishizawa, M.: GitHub - summerwind\/h2spec: a conformance testing tool for HTTP\/2 implementation\u2014github.com (2020). https:\/\/github.com\/summerwind\/h2spec. Accessed 15 Sept 2024"},{"key":"7_CR28","doi-asserted-by":"crossref","unstructured":"Jabiyev, B., Gavazzi, A., Onarlioglu, K., Kirda, E.: Gudifu: guided differential fuzzing for http request parsing discrepancies. In: Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024, pp. 235\u2013247. Association for Computing Machinery, New York (2024)","DOI":"10.1145\/3678890.3678904"},{"key":"7_CR29","unstructured":"Jabiyev, B., Sprecher, S., Gavazzi, A., Innocenti, T., Onarlioglu, K., Kirda, E.: $$\\{$$FRAMESHIFTER$$\\}$$: security implications of $$\\{$$HTTP\/2-to-HTTP\/1$$\\}$$ conversion anomalies. In: 31st USENIX Security Symposium (USENIX Security 2022), pp. 1061\u20131075 (2022)"},{"key":"7_CR30","doi-asserted-by":"crossref","unstructured":"Jabiyev, B., Sprecher, S., Onarlioglu, K., Kirda, E.: T-Reqs: HTTP request smuggling with differential fuzzing. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 1805\u20131820 (2021)","DOI":"10.1145\/3460120.3485384"},{"key":"7_CR31","unstructured":"Kallus, B., Anantharaman, P., Locasto, M., Smith, S.W.: The HTTP garden: discovering parsing vulnerabilities in HTTP\/1.1 implementations by differential fuzzing of request streams. arXiv preprint arXiv:2405.17737 (2024)"},{"key":"7_CR32","unstructured":"Kettle, J.: HTTP\/2: the sequel is always worse\u2014portswigger.net (2021). https:\/\/portswigger.net\/research\/http2. Accessed 25 July 2024"},{"key":"7_CR33","doi-asserted-by":"crossref","unstructured":"Kjorveziroski, V., Bernad, C., Gilly, K., Filiposka, S.: Full-mesh VPN performance evaluation for a secure edge-cloud continuum. Softw.: Pract. Exp. (2024)","DOI":"10.1002\/spe.3329"},{"key":"7_CR34","unstructured":"Krishnamurthy, B., Arlitt, M.: $$\\{$$PRO-COW$$\\}$$: protocol compliance on the $$\\{$$Web\u2013A$$\\}$$ longitudinal study. In: 3rd USENIX Symposium on Internet Technologies and Systems (USITS 2001) (2001)"},{"key":"7_CR35","doi-asserted-by":"publisher","unstructured":"Leiba, B.: Ambiguity of uppercase vs lowercase in RFC 2119 key words. RFC 8174 (2017). https:\/\/doi.org\/10.17487\/RFC8174, https:\/\/www.rfc-editor.org\/info\/rfc8174","DOI":"10.17487\/RFC8174"},{"key":"7_CR36","unstructured":"Mirheidari, S.A., Arshad, S., Onarlioglu, K., Crispo, B., Kirda, E., Robertson, W.: Cached and confused: web cache deception in the wild. In: 29th USENIX Security Symposium (USENIX Security 2020), pp. 665\u2013682 (2020)"},{"key":"7_CR37","unstructured":"Mirheidari, S.A., Golinelli, M., Onarlioglu, K., Kirda, E., Crispo, B.: Web cache deception escalates! In: 31st USENIX Security Symposium (USENIX Security 2022), pp. 179\u2013196 (2022)"},{"key":"7_CR38","unstructured":"MITRE Corporation: CVE search results. https:\/\/cve.mitre.org\/cgi-bin\/cvekey.cgi?keyword=smuggling. Accessed 25 Sept 2024"},{"key":"7_CR39","unstructured":"NetBird Team: Github - netbirdio\/netbird: connect your devices into a secure wireguard\u00ae-based overlay network with SSO, MFA, and granular access controls (2024). https:\/\/github.com\/netbirdio\/netbird. Accessed 21 July 2024"},{"key":"7_CR40","doi-asserted-by":"crossref","unstructured":"Nguyen, H.V., Iacono, L.L., Federrath, H.: Mind the cache: large-scale explorative study of web caching. In: Proceedings of the 34th ACM\/SIGAPP Symposium on Applied Computing, pp. 2497\u20132506 (2019)","DOI":"10.1145\/3297280.3297526"},{"key":"7_CR41","doi-asserted-by":"crossref","unstructured":"Nguyen, H.V., Lo\u00a0Iacono, L., Federrath, H.: Systematic analysis of web browser caches. In: Proceedings of the 2Nd International Conference on Web Studies, pp. 64\u201371 (2018)","DOI":"10.1145\/3240431.3240443"},{"key":"7_CR42","doi-asserted-by":"publisher","unstructured":"Nielsen, H., Fielding, R.T., Berners-Lee, T.: Hypertext transfer protocol \u2013 HTTP\/1.0. RFC 1945 (1996). https:\/\/doi.org\/10.17487\/RFC1945, https:\/\/www.rfc-editor.org\/info\/rfc1945","DOI":"10.17487\/RFC1945"},{"issue":"4","key":"7_CR43","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1145\/964723.383083","volume":"31","author":"J Pahdye","year":"2001","unstructured":"Pahdye, J., Floyd, S.: On inferring TCP behavior. ACM SIGCOMM Comput. Commun. Rev. 31(4), 287\u2013298 (2001)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"7_CR44","unstructured":"Pardue, L., Desgats, J.: HTTP\/2 rapid reset: deconstructing the record-breaking attack (2023). https:\/\/blog.cloudflare.com\/technical-breakdown-http2-rapid-reset-ddos-attack\/. Accessed 24 Sept 2024"},{"key":"7_CR45","doi-asserted-by":"crossref","unstructured":"Rautenstrauch, J., Stock, B.: Who\u2019s breaking the rules? Studying conformance to the http specifications and its security impact. In: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, pp. 843\u2013855 (2024)","DOI":"10.1145\/3634737.3637678"},{"key":"7_CR46","doi-asserted-by":"publisher","unstructured":"Reddy.K, T., Johnston, A., Matthews, P., Rosenberg, J.: Traversal using relays around NAT (TURN): relay extensions to session traversal utilities for NAT (STUN). RFC 8656 (2020). https:\/\/doi.org\/10.17487\/RFC8656, https:\/\/www.rfc-editor.org\/info\/rfc8656","DOI":"10.17487\/RFC8656"},{"key":"7_CR47","doi-asserted-by":"publisher","unstructured":"Rosenberg, J.: Interactive connectivity establishment (ICE): a protocol for network address translator (NAT) traversal for offer\/answer protocols. RFC 5245 (2010). https:\/\/doi.org\/10.17487\/RFC5245, https:\/\/www.rfc-editor.org\/info\/rfc5245","DOI":"10.17487\/RFC5245"},{"key":"7_CR48","doi-asserted-by":"publisher","unstructured":"Rosenberg, J., Huitema, C., Mahy, R., Weinberger, J.: STUN - simple traversal of user datagram protocol (UDP) through network address translators (NATs). RFC 3489 (2003). https:\/\/doi.org\/10.17487\/RFC3489, https:\/\/www.rfc-editor.org\/info\/rfc3489","DOI":"10.17487\/RFC3489"},{"issue":"4","key":"7_CR49","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1145\/357401.357402","volume":"2","author":"JH Saltzer","year":"1984","unstructured":"Saltzer, J.H., Reed, D.P., Clark, D.D.: End-to-end arguments in system design. ACM Trans. Comput. Syst. (TOCS) 2(4), 277\u2013288 (1984)","journal-title":"ACM Trans. Comput. Syst. (TOCS)"},{"key":"7_CR50","doi-asserted-by":"crossref","unstructured":"Shen, K., et al.: HDiff: a semi-automatic framework for discovering semantic gap attack in http implementations. In: 2022 52nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1\u201313. IEEE (2022)","DOI":"10.1109\/DSN53405.2022.00014"},{"key":"7_CR51","unstructured":"The Chromium Project: Spdy: An experimental protocol for a faster web. https:\/\/www.chromium.org\/spdy\/spdy-whitepaper\/. Accessed 23 July 2024"},{"key":"7_CR52","doi-asserted-by":"publisher","unstructured":"Thomson, M., Benfield, C.: HTTP\/2. RFC 9113 (2022). https:\/\/doi.org\/10.17487\/RFC9113, https:\/\/www.rfc-editor.org\/info\/rfc9113","DOI":"10.17487\/RFC9113"},{"key":"7_CR53","doi-asserted-by":"publisher","first-page":"174","DOI":"10.4236\/jcc.2021.96010","volume":"09","author":"A Vitale","year":"2021","unstructured":"Vitale, A., Dacier, M.: Inmap-t: leveraging TTCN-3 to test the security impact of intra network elements. J. Comput. Commun. 09, 174\u2013190 (2021)","journal-title":"J. Comput. Commun."},{"key":"7_CR54","unstructured":"World Wide Web Consortium (W3C): Factory: HTTP compliance and W3C QA (2001). https:\/\/www.w3.org\/2001\/01\/qa-ws\/pp\/alex-rousskov-measfact. Accessed 24 July 2024"},{"key":"7_CR55","doi-asserted-by":"crossref","unstructured":"Zullo, R., Pescap\u00e9, A., Edeline, K., Donnet, B.: Hic sunt proxies: unveiling proxy phenomena in mobile networks. In: 2019 Network Traffic Measurement and Analysis Conference (TMA), pp. 227\u2013232. IEEE (2019)","DOI":"10.23919\/TMA.2019.8784678"}],"container-title":["Lecture Notes in Computer Science","Passive and Active Measurement"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-85960-1_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,6]],"date-time":"2025-09-06T07:12:18Z","timestamp":1757142738000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-85960-1_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031859595","9783031859601"],"references-count":55,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-85960-1_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"7 March 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PAM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Passive and Active Network Measurement","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 March 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 March 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pam2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/udesa.edu.ar\/pam25","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}