Title :
Architecting Web Service Attack Detection Handlers
Author :
Andrekanic, Alex ; Gamble, Rose
Author_Institution :
Tandy Sch. of Comput. Sci., Univ. of Tulsa, Tulsa, OK, USA
Abstract :
There is a wealth of research on web service attack types and different techniques to mitigate them. However, there is little discussion on reusable methods for implementing these known techniques. In this paper, we introduce two handler architectures that can be reused to implement a broad set of known attack countermeasures. While structurally similar, the architectures differ in the information they require for attack detection, in the needed changes to or restructuring of the message and its content, and in their invocation order among other handlers deployed on the application server and used by the web service. We present the handler architecture designs and how they address the specific web service attack types. We discuss the benefits of their attachment to the Web service. Also, we cover their implementation and deployment details on a JBoss application server and provide a case study to document the results of test runs.
Keywords :
Web services; message authentication; service-oriented architecture; JBoss application server; Web service attack detection handler architecture; Web service attack types; message restructuring; Computer architecture; Cryptography; Payloads; Servers; Simple object access protocol; XML; messaging attacks; security; web services;
Conference_Titel :
Web Services (ICWS), 2012 IEEE 19th International Conference on
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4673-2131-0
DOI :
10.1109/ICWS.2012.69
