A Multiagent Solution to Adaptively Classify SOAP Message and Protect against DoS Attack

  • Cristian I. Pinzón
  • Juan F. De Paz
  • Javier Bajo
  • Juan M. Corchado
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5988)

Abstract

SOAP messages use XML code, which makes them vulnerable to denial of service (DoS) attacks and puts the availability of web services at risk. This article presents an adaptive solution for dealing with DoS attacks in web service environments. The solution proposes a distributed hierarchical multiagent architecture that implements a robust mechanism of classification based on an advanced CBR-BDI agent. The agent incorporates a case-based reasoning engine that integrate a Perceptron Multilayer neural network during the re-use phase to classify incoming SOAP messages and reject those that are considered malicious. A prototype of the architecture was developed and the results obtained are presented in this study.

Keywords

SOAP message XML Security multiagent systems CBR ANN 
This is a preview of subscription content, log in to check access.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Weerawarana, S., Curbera, F., Leymann, F., Storey, T., Ferguson, D.F.: Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More. Prentice Hall PTR, Englewood Cliffs (2005)Google Scholar
  2. 2.
    Nadalin, A., Kaler, C., Monzillo, R., Hallam-Baker, P.: Web Services Security: SOAP Message Security 1.1, WS-Security 2004 (2006)Google Scholar
  3. 3.
    Bajaj, S., Box, D., Chappell, D., Curbera, F., Daniels, G., Hallam-Baker, P., Hondo, M.: Web Services Policy Framework (WS-Policy) version 1.2 (2006)Google Scholar
  4. 4.
    Anderson, S., Bohren, J., Boubez, T., Chanliau, M., Della, G., Dixon, B.: Web Services Trust Language, WS-Trust (2004)Google Scholar
  5. 5.
    Anderson, S., Bohren, J., Boubez, T., Chanliau, M., Della-Libera, G., Dixon, B.: Web Services Secure Conversation Language (WS-SecureConversation) Version 1.1 (2004)Google Scholar
  6. 6.
    Gruschka, N., Luttenberger, N.: Protecting Web Services from DoS Attacks by SOAP Message Validation. Security and Privacy in Dynamic Environments 201, 171–182 (2006)CrossRefGoogle Scholar
  7. 7.
    Laza, R., Pavon, R., Corchado, J.M.: A Reasoning Model for CBR_BDI Agents Using an Adaptable Fuzzy Inference System. In: Conejo, R., Urretavizcaya, M., Pérez-de-la-Cruz, J.-L. (eds.) CAEPIA/TTIA 2003. LNCS (LNAI), vol. 3040, pp. 96–106. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Loh, Y., Yau, W., Wong, C., Ho, W.: Design and Implementation of an XML Firewall. Computational Intelligence and Security 2, 1147–1150 (2006)Google Scholar
  9. 9.
    Yee, G., Shin, H., Rao, G.S.V.R.K.: An Adaptive Intrusion Detection and Prevention (ID/IP) Framework for Web Services. In: International Conference on Convergence Information Technology, pp. 528–534. IEEE Computer Society, Washington (2007)Google Scholar
  10. 10.
    Jensen, M., Gruschka, N., Herkenhoner, R., Luttenberger, N.: SOA and Web Services: New Technologies, New Standards - New Attacks. In: Fifth European Conference on Web Services-ECOWS ’07, pp. 35–44 (2007)Google Scholar
  11. 11.
    Ye, X.: Countering DDoS and XDoS Attacks against Web Services. In: IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, pp. 346–352 (2008)Google Scholar
  12. 12.
    Chonka, A., Zhou, W., Xiang, Y.: Defending Grid Web Services from XDoS Attacks by SOTA. In: IEEE International Conference on Pervasive Computing and Communications, pp. 1–6 (2009)Google Scholar
  13. 13.
    Carrascosa, C., Bajo, J., Julian, V., Corchado, J.M., Botti, V.: Hybrid multi-agent architecture as a real-time problem-solving model. Expert Syst. Appl. 34, 2–17 (2008)CrossRefGoogle Scholar
  14. 14.
    Corchado, J.M., Bajo, J., Abraham, A.: GerAmi: Improving Healthcare Delivery in Geriatric Residences. IEEE Intelligent Systems 23, 19–25 (2008)CrossRefGoogle Scholar
  15. 15.
    Fujii, K.: Jpcap - A network packet capture library for applications written in Java (2000), http://netresearch.ics.uci.edu/kfujii/jpcap/doc/index.html
  16. 16.
    Aamodt, A., Plaza, E.: Case-based reasoning: foundational issues, methodological variations, and system approaches. AI Commun. 7, 39–59 (1994)Google Scholar
  17. 17.
    Gallagher, M., Downs, T.: Visualization of learning in multilayer perceptron networks using principal component analysis. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics 33(1), 28–34 (2003)CrossRefGoogle Scholar
  18. 18.
    LeCun, Y., Bottou, L., Orr, G.B., Müller, K.R.: Efficient BackProp. In: Neural Networks - Tricks of the Trade, p. 546. Springer, Heidelberg (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Cristian I. Pinzón
    • 1
  • Juan F. De Paz
    • 1
  • Javier Bajo
    • 1
  • Juan M. Corchado
    • 1
  1. 1.Universidad de SalamancaSalamancaSpain

Personalised recommendations