Title :
SuStorID: A multiple classifier system for the protection of web services
Author :
Corona, I. ; Tronci, R. ; Giacinto, G.
Author_Institution :
Dept. of Electr. & Electron. Eng., Univ. of Cagliari, Cagliari, Italy
Abstract :
The security of web services is nowadays one of the major concerns for Internet users. Web services may manage confidential information, monetary transactions, or even health-critical systems, such as those employed in public airports or hospitals. A key problem of web services is that they should work as expected even in the presence of malicious inputs. Unfortunately, with the increasing complexity of web services, this task becomes more and more challenging. In this paper we present SuStorID, a multiple classifier system which is able to model legitimate inputs towards web services, given a sample of web traffic. If anomalous inputs are detected, web services are protected according to a set of anomaly templates. Our experiments, performed on a production environment, highlight that our system can accurately detect web attacks and help security operators to protect their web services against known and unknown attacks.
Keywords :
Web services; data privacy; pattern classification; security of data; Internet users; SuStorID; Web attack detection; Web service complexity; Web service protection; Web service security; Web traffic; anomaly templates; confidential information management; health-critical systems; malicious inputs; monetary transactions; multiple classifier system; production environment; security operators; Accuracy; Hidden Markov models; Humans; Security; Training; Web services;
Conference_Titel :
Pattern Recognition (ICPR), 2012 21st International Conference on
Conference_Location :
Tsukuba
Print_ISBN :
978-1-4673-2216-4
