Protecting Web Services against DoS Attacks: A Case-Based Reasoning Approach

  • Cristian Pinzón
  • Juan F. De Paz
  • Carolina Zato
  • Javier Pérez
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6076)


The real-time detection is a key factor to detect and block DoS attacks within Web services. DoS attacks can be generated for different techniques that take advantage of points vulnerable within Web services. This paper describes a novel proposal based on a real time agent to classify user requests and detect and block malicious SOAP messages. The classification mechanism is based on a Case-Base Reasoning (CBR) model, where the different CBR phases are time bounded. Within the reuse phase of the CBR cycle is incorporated a mixture of experts to choose the most suitable technique of classification depending on the feature of the attack and the available time to solve the classification. A prototype of the architecture was developed and the results obtained are presented in this study.


DoS attacks Web Service Multi-agent System CBR 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Gruschka, N., Jensen, M., Luttenberger, N.: A Stateful Web Service Firewall for BPEL. In: IEEE International Conference on Web Services, pp. 142–149 (2007)Google Scholar
  2. 2.
    Im, E.G., Song, Y.H.: An Adaptive Approach to Handle DoS Attack for Web Services. In: Kantor, P., Muresan, G., Roberts, F., Zeng, D.D., Wang, F.-Y., Chen, H., Merkle, R.C. (eds.) ISI 2005. LNCS, vol. 3495, pp. 634–635. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Chonka, A., Zhou, W., Xiang, Y.: Defending Grid Web Services from XDoS Attacks by SOTA. In: EEE International Conference on Pervasive Computing and Communications, vol. 6, pp. 1–6. IEEE Computer Society, Los Alamitos (2009)Google Scholar
  4. 4.
    Padmanabhuni, S., Singh, V., Kumar, K.M.S., Chatterjee, A.: Preventing Service Oriented Denial of Service (PreSODoS): A Proposed Approach. In: IEEE International Conference on Web Services (ICWS 2006), pp. 577–584. IEEE Computer Society, Los Alamitos (2006)CrossRefGoogle Scholar
  5. 5.
    Ye, X.: Countering DDoS and XDoS Attacks against Web Services. In: IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, vol. 1, pp. 346–352. IEEE Computer Society, Los Alamitos (2008)Google Scholar
  6. 6.
    De Paz, J.F., Rodríguez, S., Bajo, J., Corchado, J.M.: Case-based reasoning as a decision support system for cancer diagnosis: A case study. International Journal of Hybrid Intelligent Systems 6(2), 97–110 (2009)CrossRefGoogle Scholar
  7. 7.
    Julian, V., Botti, V.: Developing real-time multi-agent systems. Integrated Computer-Aided Engineering 11(2), 135–149 (2004)Google Scholar
  8. 8.
    Corchado, J.M., Laza, R., Borrajo, L., Yañez, J.C., Luis, A.D., Valiño, M.: Increasing the Autonomy of Deliberative Agents with a Case-Based Reasoning System. International Journal of Computational Intelligence and Applications 3, 101–118 (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Cristian Pinzón
    • 1
    • 2
  • Juan F. De Paz
    • 2
  • Carolina Zato
    • 2
  • Javier Pérez
    • 2
  1. 1.Universidad Tecnológica de PanamáPanama
  2. 2.Departamento Informática y AutomáticaUniversidad de SalamancaSalamancaSpain

Personalised recommendations