Title :
Intrusion Tolerant Approach for Denial of Service Attacks to Web Services
Author :
Ficco, Massimo ; Rak, Massimiliano
Author_Institution :
Dept. of Inf. Eng., Seconda Univ. di Napoli (SUN), Aversa, Italy
Abstract :
Intrusion Detection Systems are the major technology used for protecting information systems. However, they do not directly detect intrusion, but they only monitor the attack symptoms. Therefore, no assumption can be made on the outcome of the attack, no assurance can be assumed once the system is compromised. The intrusion tolerance techniques focus on providing minimal level of services, even when the system has been partially compromised. This paper presents an intrusion tolerant approach for Denial of Service attacks to Web Services. It focuses on the detection of attack symptoms as well as the diagnosis of intrusion effects in order to perform a proper reaction only if the attack succeeds. In particular, this work focuses on a specific Denial of Service attack, called Deeply-Nested XML. Preliminary experimental results show that the proposed approach results in a better performance of the Intrusion Detection Systems, in terms of increasing diagnosis capacity as well as reducing the service unavailability during an intrusion.
Keywords :
Web services; XML; computer network security; Deeply-Nested XML; Web services; denial of service attacks; information system protection; intrusion detection system; intrusion effect diagnosis; intrusion tolerance technique; Computer crime; Detectors; Engines; Monitoring; Simple object access protocol; XML; denial of service; diagnosis; intrusion recovery; intrusion tolerance; web services;
Conference_Titel :
Data Compression, Communications and Processing (CCP), 2011 First International Conference on
Conference_Location :
Palinuro
Print_ISBN :
978-1-4577-1458-0
Electronic_ISBN :
978-0-7695-4528-8
DOI :
10.1109/CCP.2011.44
