Title :
Defending Web Services against Denial of Service Attacks Using Client Puzzles
Author :
Suriadi, Suriadi ; Stebila, Douglas ; Clark, Andrew ; Liu, Hua
Author_Institution :
Inf. Security Inst., Queensland Univ. of Technol. Brisbane, Brisbane, QLD, Australia
Abstract :
The interoperable and loosely-coupled web services architecture, while beneficial, can be resource-intensive, and is thus susceptible to denial of service (DoS) attacks in which an attacker can use a relatively insignificant amount of resources to exhaust the computational resources of a web service. We investigate the effectiveness of defending web services from DoS attacks using client puzzles, a cryptographic countermeasure which provides a form of gradual authentication by requiring the client to solve some computationally difficult problems before access is granted. In particular, we describe a mechanism for integrating a hash-based puzzle into existing web services frameworks and analyze the effectiveness of the countermeasure using a variety of scenarios on a network test bed. Client puzzles are an effective defence against flooding attacks. They can also mitigate certain types of semantic-based attacks, although they may not be the optimal solution.
Keywords :
Web services; cryptography; service-oriented architecture; Denial of Service; DoS attacks; client puzzles; computational resource; cryptographic countermeasure; gradual authentication; hash based puzzle; loosely coupled Web service architecture; semantic based attack; Computer crime; Cryptography; Electron tubes; Java; Semantics; Servers; Web services; client puzzles; denial of service attacks; web services;
Conference_Titel :
Web Services (ICWS), 2011 IEEE International Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4577-0842-8
Electronic_ISBN :
978-0-7695-4463-2
DOI :
10.1109/ICWS.2011.22
