An Adaptive Multi-agent Solution to Detect DoS Attack in SOAP Messages

  • Cristian I. Pinzón
  • Juan F. De Paz
  • Javier Bajo
  • Juan M. Corchado
Conference paper
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 63)


A SOAP message can be affected by a DoS attack if the incoming message has been either created or modified maliciously. The specifications of existing security standards do not focus on this type of attack. This article presents a novel distributed and adaptive approach for dealing with DoS attacks in Web Service environments, which represents an alternative to the existing centralized solutions. The solution proposes a distributed hierarchical multi-agent architecture that implements a classification mechanism in two phases. The main benefits of the approach are the distributed capabilities of the multi-agent systems and the self-adaption ability to the changes that occur in the patterns of attack. A prototype of the architecture was developed and the results obtained are presented in this study.


Multi-agent System CBR Web Service SOAP Message DoS attacks 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    OASIS: Web Services Security: SOAP Message Security 1.1 (WS-Security 2004), OASIS Standard 2004, (2006)
  2. 2.
    Bajaj, et al.: Web Services Policy Framework, WS-Policy (2004),
  3. 3.
    Web Services Trust Language (WS-Trust),
  4. 4.
    Web Services Secure Conversation Language (WS-SecureConversation),
  5. 5.
    Gruschka, N., Luttenberger, N.: Protecting Web Services from DoS Attacks by SOAP Message Validation. Security and Privacy in Dynamic Environments (201), 171–182 (2006)Google Scholar
  6. 6.
    Laza, R., Pavon, R., Corchado, J.M.: A Reasoning Model for CBR_BDI Agents Using an Adaptable Fuzzy Inference System. In: Conejo, R., Urretavizcaya, M., Pérez-de-la-Cruz, J.-L. (eds.) CAEPIA/TTIA 2003. LNCS (LNAI), vol. 3040, pp. 96–106. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  7. 7.
    Weerawarana, S., Curbera, F., Leymann, F., Storey, T., Ferguson, D.F.: Web Services Platform Architecture: SOAP. In: WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More. Prentice Hall PTR, Englewood Cliffs (2005)Google Scholar
  8. 8.
    Loh, Y., Yau, W., Wong, C., Ho, W.: Design and Implementation of an XML Firewall. Computational Intelligence and Security 2, 1147–1150 (2006)Google Scholar
  9. 9.
    Yee, G., Shin, H., Rao, G.S.V.R.K.: An Adaptive Intrusion Detection and Prevention (ID/IP) Framework for Web Services. In: International Conference on Convergence Information Technology, pp. 528–534. IEEE Computer Society, Washington (2007)CrossRefGoogle Scholar
  10. 10.
    Jensen, M., Gruschka, N., Herkenhoner, R., Luttenberger, N.: SOA and Web Services: New Technologies, New Standards - New Attacks. In: Fifth European Conference on Web Services-ECOWS 2007, pp. 35–44 (2007)Google Scholar
  11. 11.
    Dagdee, N., Thakar, U.: Intrusion Attack Pattern Analysis and Signature Extraction for Web Services Using Honeypots. In: First International Conference Emerging Trends in Engineering and Technology, pp. 1232–1237 (2008)Google Scholar
  12. 12.
    Carrascosa, C., Bajo, J., Julian, V., Corchado, J.M., Botti, V.: Hybrid multiagent architecture as a real-time problem-solving model. Expert Syst. Appl. 34, 2–17 (2008)CrossRefGoogle Scholar
  13. 13.
    Corchado, J.M., Bajo, J., Abraham, A.: GerAmi: Improving Healthcare Delivery in Geriatric Residences. IEEE Intelligent Systems 23, 19–25 (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Cristian I. Pinzón
    • 1
  • Juan F. De Paz
    • 1
  • Javier Bajo
    • 1
  • Juan M. Corchado
    • 1
  1. 1.Departamento Informática y AutomáticaUniversidad de SalamancaSalamancaSpain

Personalised recommendations