Abstract
Creating complex systems by combining service components is becoming a fundamental way to create flexible IT solutions that can react to changing environment and comply with agile business. The dynamic nature of the Future Internet introduces new threats, and with wider deployment comes a greater need to identify and tackle these threats before they become attacks. For a composite service, this is even more challenging, since each individual service component will have a fluctuating threat picture and there is a broad combined attack surface when many service components are involved. In this chapter we present the design and implementation of the Aniketos Service Threat Monitoring Module. This approach applies runtime monitoring of a service that collects change events that occur and determines their impact on service compositions.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Elshaafi, H., McGibney, J., Botvich, D.: Trustworthiness monitoring of dynamic service compositions. In: Proceedings of the 6th International Workshop on Enhanced Web Service Technologies, USA, pp. 25–29 (2011)
Shirey, R.: Internet Security Glossary, Version 2 (RFC4949) (2007)
Stoneburner, G., Goguen, A., Feringa, A.: Risk management guide for information technology systems recommendations of the national institute of standards and technology. NIST Special Publication 800(30), 55 (2002), http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf
Meland, P.H., Guerenabarrena, J.B., Llewellyn-Jones, D.: The Challenges of Secure and Trustworthy Service Composition in the Future Internet. In: Proc. of the 2011 6th International Conference on System of Systems Engineering, Albuquerque, New Mexico, USA, June 27-30 (2011)
Moser, O., Rosenberg, F., Dustdar, S.: Event Driven Monitoring for Service Composition Infrastructures. In: Chen, L., Triantafillou, P., Suel, T. (eds.) WISE 2010. LNCS, vol. 6488, pp. 38–51. Springer, Heidelberg (2010)
Apache ActiveMQ, http://activemq.apache.org/
JBoss Drools, https://drools.jboss.org/
Apache CXF-Distributed OSGI, https://cxf.apache.org/distributed-osgi.html
Apache Karaf, https://karaf.apache.org/
Siris, V.A., Papagalou, F.: Application of anomaly detection algorithms for detecting SYN flooding attacks. Computer Communications 29(9), 1433–1442 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Lempereur, B., Ayed, D., Asim, M., Merabti, M., Shi, Q. (2014). Monitoring Threats to Composite Services within the Aniketos Run-Time Framework. In: Brucker, A.D., Dalpiaz, F., Giorgini, P., Meland, P.H., Rios, E. (eds) Secure and Trustworthy Service Composition. Lecture Notes in Computer Science, vol 8900. Springer, Cham. https://doi.org/10.1007/978-3-319-13518-2_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-13518-2_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13517-5
Online ISBN: 978-3-319-13518-2
eBook Packages: Computer ScienceComputer Science (R0)