Hiding in plain sight: Disguising HTTPS traffic with domain-fronting – Matt Urquhart
Abstract
Domain-fronting is a technique used to disguise HTTPS traffic as being destined for one service, but actually communicating with a different service. It relies on an implementation detail of HTTPS stacks which share infrastructure between customers. Recently, there has been a large amount of media attention surrounding a popular instant-messaging app using this technique to evade censorship. What is domain fronting and how does it work? This talk aims to give you everything you need to fully understand domain fronting, try it yourself, and understand how domain-fronting can also open a path to DoS and IP spoofing attacks.
Bio
Matt is a software developer from Australia who first became interested in Infosec after hearing of hilarious pranks played during the early days of the Internet. In his spare time he enjoys playing the drums.