Protection of XML-based denail-of-service and httpflooding attacks in web services using the middleware tool

Abbas Alasri, Rossilawati Sulaiman

Research output: Contribution to journalArticle

Abstract

A web service is defined as the method of communication between the web applications and the clients. Web services are very flexible and scalable as they are independent of both the hardware and software infrastructure. The lack of security protection offered by web services creates a gap which attackers can make use of. Web services are offered on the HyperText Transfer Protocol (HTTP) with Simple Object Access Protocol (SOAP) as the underlying infrastructure. Web services rely heavily on the Extended Mark-up Language (XML). Hence, web services are most vulnerable to attacks which use XML as the attack parameter. Recently, a new type of XML-based Denial-of-Service (XDoS) attacks has surfaced, which targets the web services. The purpose of these attacks is to consume the system resources by sending SOAP requests that contain malicious XML content. Unfortunately, these malicious requests go undetected underneath the network or transportation layers of the Transfer Control Protocol/Internet Protocol (TCP/IP), as they appear to be legitimate packets.In this paper, a middleware tool is proposed to provide real time detection and prevention of XDoS and HTTP flooding attacks in web service. This tool focuses on the attacks on the two layers of the Open System Interconnection (OSI) model, which are to detect and prevent XDoS attacks on the application layer and prevent flooding attacks at the Network layer.The rule-based approach is used to classify requests either as normal or malicious,in order to detect the XDoS attacks. The experimental results from the middleware tool have demonstrated that the rule-based technique has efficiently detected and prevented theattacks of XDoS and HTTP flooding attacks such as the oversized payload, coercive parsing and XML external entities close to real-time such as 0.006s over the web services. The middleware tool provides close to 100% service availability to normal request, hence protecting the web service against the attacks of XDoS and distributed XDoS (DXDoS).

Original languageEnglish
Pages (from-to)322-329
Number of pages8
JournalInternational Journal of Engineering and Technology(UAE)
Volume7
Issue number4.7 Special Issue 7
Publication statusPublished - 1 Jan 2018

Fingerprint

Middleware
XML
Web services
Hypermedia
HTTP
Network protocols
Internet
Denial (Psychology)
Language
Software
Communication
Internet protocols
Network layers
Open systems
World Wide Web
Availability
Hardware

Keywords

  • Denial-of-Service
  • DXDoS
  • SOA
  • SOAP
  • Web service
  • XDoS
  • XML

ASJC Scopus subject areas

  • Biotechnology
  • Computer Science (miscellaneous)
  • Environmental Engineering
  • Chemical Engineering(all)
  • Engineering(all)
  • Hardware and Architecture

Cite this

Protection of XML-based denail-of-service and httpflooding attacks in web services using the middleware tool. / Alasri, Abbas; Sulaiman, Rossilawati.

In: International Journal of Engineering and Technology(UAE), Vol. 7, No. 4.7 Special Issue 7, 01.01.2018, p. 322-329.

Research output: Contribution to journalArticle

@article{e23f0f84f6d44343850daea9a7cdb88c,
title = "Protection of XML-based denail-of-service and httpflooding attacks in web services using the middleware tool",
abstract = "A web service is defined as the method of communication between the web applications and the clients. Web services are very flexible and scalable as they are independent of both the hardware and software infrastructure. The lack of security protection offered by web services creates a gap which attackers can make use of. Web services are offered on the HyperText Transfer Protocol (HTTP) with Simple Object Access Protocol (SOAP) as the underlying infrastructure. Web services rely heavily on the Extended Mark-up Language (XML). Hence, web services are most vulnerable to attacks which use XML as the attack parameter. Recently, a new type of XML-based Denial-of-Service (XDoS) attacks has surfaced, which targets the web services. The purpose of these attacks is to consume the system resources by sending SOAP requests that contain malicious XML content. Unfortunately, these malicious requests go undetected underneath the network or transportation layers of the Transfer Control Protocol/Internet Protocol (TCP/IP), as they appear to be legitimate packets.In this paper, a middleware tool is proposed to provide real time detection and prevention of XDoS and HTTP flooding attacks in web service. This tool focuses on the attacks on the two layers of the Open System Interconnection (OSI) model, which are to detect and prevent XDoS attacks on the application layer and prevent flooding attacks at the Network layer.The rule-based approach is used to classify requests either as normal or malicious,in order to detect the XDoS attacks. The experimental results from the middleware tool have demonstrated that the rule-based technique has efficiently detected and prevented theattacks of XDoS and HTTP flooding attacks such as the oversized payload, coercive parsing and XML external entities close to real-time such as 0.006s over the web services. The middleware tool provides close to 100{\%} service availability to normal request, hence protecting the web service against the attacks of XDoS and distributed XDoS (DXDoS).",
keywords = "Denial-of-Service, DXDoS, SOA, SOAP, Web service, XDoS, XML",
author = "Abbas Alasri and Rossilawati Sulaiman",
year = "2018",
month = "1",
day = "1",
language = "English",
volume = "7",
pages = "322--329",
journal = "International Journal of Engineering and Technology(UAE)",
issn = "2227-524X",
publisher = "Science Publishing Corporation Inc",
number = "4.7 Special Issue 7",

}

TY - JOUR

T1 - Protection of XML-based denail-of-service and httpflooding attacks in web services using the middleware tool

AU - Alasri, Abbas

AU - Sulaiman, Rossilawati

PY - 2018/1/1

Y1 - 2018/1/1

N2 - A web service is defined as the method of communication between the web applications and the clients. Web services are very flexible and scalable as they are independent of both the hardware and software infrastructure. The lack of security protection offered by web services creates a gap which attackers can make use of. Web services are offered on the HyperText Transfer Protocol (HTTP) with Simple Object Access Protocol (SOAP) as the underlying infrastructure. Web services rely heavily on the Extended Mark-up Language (XML). Hence, web services are most vulnerable to attacks which use XML as the attack parameter. Recently, a new type of XML-based Denial-of-Service (XDoS) attacks has surfaced, which targets the web services. The purpose of these attacks is to consume the system resources by sending SOAP requests that contain malicious XML content. Unfortunately, these malicious requests go undetected underneath the network or transportation layers of the Transfer Control Protocol/Internet Protocol (TCP/IP), as they appear to be legitimate packets.In this paper, a middleware tool is proposed to provide real time detection and prevention of XDoS and HTTP flooding attacks in web service. This tool focuses on the attacks on the two layers of the Open System Interconnection (OSI) model, which are to detect and prevent XDoS attacks on the application layer and prevent flooding attacks at the Network layer.The rule-based approach is used to classify requests either as normal or malicious,in order to detect the XDoS attacks. The experimental results from the middleware tool have demonstrated that the rule-based technique has efficiently detected and prevented theattacks of XDoS and HTTP flooding attacks such as the oversized payload, coercive parsing and XML external entities close to real-time such as 0.006s over the web services. The middleware tool provides close to 100% service availability to normal request, hence protecting the web service against the attacks of XDoS and distributed XDoS (DXDoS).

AB - A web service is defined as the method of communication between the web applications and the clients. Web services are very flexible and scalable as they are independent of both the hardware and software infrastructure. The lack of security protection offered by web services creates a gap which attackers can make use of. Web services are offered on the HyperText Transfer Protocol (HTTP) with Simple Object Access Protocol (SOAP) as the underlying infrastructure. Web services rely heavily on the Extended Mark-up Language (XML). Hence, web services are most vulnerable to attacks which use XML as the attack parameter. Recently, a new type of XML-based Denial-of-Service (XDoS) attacks has surfaced, which targets the web services. The purpose of these attacks is to consume the system resources by sending SOAP requests that contain malicious XML content. Unfortunately, these malicious requests go undetected underneath the network or transportation layers of the Transfer Control Protocol/Internet Protocol (TCP/IP), as they appear to be legitimate packets.In this paper, a middleware tool is proposed to provide real time detection and prevention of XDoS and HTTP flooding attacks in web service. This tool focuses on the attacks on the two layers of the Open System Interconnection (OSI) model, which are to detect and prevent XDoS attacks on the application layer and prevent flooding attacks at the Network layer.The rule-based approach is used to classify requests either as normal or malicious,in order to detect the XDoS attacks. The experimental results from the middleware tool have demonstrated that the rule-based technique has efficiently detected and prevented theattacks of XDoS and HTTP flooding attacks such as the oversized payload, coercive parsing and XML external entities close to real-time such as 0.006s over the web services. The middleware tool provides close to 100% service availability to normal request, hence protecting the web service against the attacks of XDoS and distributed XDoS (DXDoS).

KW - Denial-of-Service

KW - DXDoS

KW - SOA

KW - SOAP

KW - Web service

KW - XDoS

KW - XML

UR - http://www.scopus.com/inward/record.url?scp=85054476848&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85054476848&partnerID=8YFLogxK

M3 - Article

VL - 7

SP - 322

EP - 329

JO - International Journal of Engineering and Technology(UAE)

JF - International Journal of Engineering and Technology(UAE)

SN - 2227-524X

IS - 4.7 Special Issue 7

ER -