DocumentCode :
595208
Title :
SuStorID: A multiple classifier system for the protection of web services
Author :
Corona, I. ; Tronci, R. ; Giacinto, G.
Author_Institution :
Dept. of Electr. & Electron. Eng., Univ. of Cagliari, Cagliari, Italy
fYear :
2012
fDate :
11-15 Nov. 2012
Firstpage :
2375
Lastpage :
2378
Abstract :
The security of web services is nowadays one of the major concerns for Internet users. Web services may manage confidential information, monetary transactions, or even health-critical systems, such as those employed in public airports or hospitals. A key problem of web services is that they should work as expected even in the presence of malicious inputs. Unfortunately, with the increasing complexity of web services, this task becomes more and more challenging. In this paper we present SuStorID, a multiple classifier system which is able to model legitimate inputs towards web services, given a sample of web traffic. If anomalous inputs are detected, web services are protected according to a set of anomaly templates. Our experiments, performed on a production environment, highlight that our system can accurately detect web attacks and help security operators to protect their web services against known and unknown attacks.
Keywords :
Web services; data privacy; pattern classification; security of data; Internet users; SuStorID; Web attack detection; Web service complexity; Web service protection; Web service security; Web traffic; anomaly templates; confidential information management; health-critical systems; malicious inputs; monetary transactions; multiple classifier system; production environment; security operators; Accuracy; Hidden Markov models; Humans; Security; Training; Web services;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Pattern Recognition (ICPR), 2012 21st International Conference on
Conference_Location :
Tsukuba
ISSN :
1051-4651
Print_ISBN :
978-1-4673-2216-4
Type :
conf
Filename :
6460643
Link To Document :
بازگشت