Please use this identifier to cite or link to this item:
https://ptsldigital.ukm.my/jspui/handle/123456789/476597
Title: | Protection of XML denial-of-service and flooding attacks in soap-based web services using middleware tool |
Authors: | Abbas Ahmed Ali Qassem Al-Asri (P83728) |
Supervisor: | Rossilawati Sulaiman, Dr. |
Keywords: | Web services XML (Document markup language) Universiti Kebangsaan Malaysia -- Dissertations Dissertations, Academic -- Malaysia |
Issue Date: | 7-Jul-2018 |
Description: | A web service is defined as a method of communication between web applications and clients. Web services are very flexible and scalable as they are independent of both hardware and software infrastructure. The lack of security protection offered by web services creates a gap that attackers can make use of. Web services are offered on the HyperText Transfer Protocol (HTTP) with Simple Object Access Protocol (SOAP) as an underlying infrastructure. Web services rely heavily on Extended Markup Language (XML). Hence, web services are most vulnerable to attacks that use XML as an attack parameter. Recently, a new kind of XML-based Denial-of-Service (XDoS) attacks has surfaced, which target web services. The purpose of these attacks is to consume the system resources by sending SOAP requests that contain malicious XML content. Unfortunately, these malicious requests go undetected underneath the network or transportation layers of the Transfer Control Protocol/Internet Protocol (TCP/IP), as they appear to be legitimate packets. In general, an XML parser is required for the web service engine to extract the required parameters from an incoming message. An attacker can exploit this parser to successfully perform DoS attacks. There are many different techniques that can be used to perform DoS attacks using XML-based message formats. In this research, a middleware tool is proposed to provide real time detection and prevention of XML-based DoS (XDoS) and flooding attacks in web service. This middleware tool focuses on attacks on the two layers in the Open System Interconnection (OSI) model, which are to detect and prevent XDoS attacks on the application layer and prevent flooding attacks at the Network layer. The rule-based approach is used to classify requests either to normal or malicious to detect XDoS attacks. Experimental results from the middleware tool have demonstrated that the rule-based technique has efficiently detected and prevented XDoS and Flooding attacks such as oversized payload, coercive parsing and XML external entities close to real-time such as 0.006 second over the web services. The middleware tool provides close to 100% service availability to normal request, hence protecting the web service against XDoS and distributed XDoS (DXDoS) attacks.,Master of Computer Science,Certification of Master's / Doctoral Thesis" is not available" |
Pages: | 93 |
Call Number: | TK5105.88813.A844 2018 3 tesis |
Publisher: | UKM, Bangi |
Appears in Collections: | Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
ukmvital_121776+SOURCE1+SOURCE1.0.PDF Restricted Access | 16.82 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.