Pattern Analysis and Signature Extraction for Intrusion Attacks on Web Services
Urjita Thakar1, Nirmal Dagdee2, Sudarshan Varma3
1 Reader, Computer Engineering Department, Shri G.S. Institute of Technology and Science, 23, Visweswaraiya Road, Indore,MP, 452 003 India
2Director and Professor, Computer Science and Information Technology,S.D. Bansal College of Technology,A.B. Road, Umaria, Indore, MP, India
3 Project Manager, Ideavate Solutions,2101 Highway 516, Suite F Old Bridge, NJ 08857, USA
ABSTRACT
The increasing popularity of web service technology is attracting hackers and attackers to hack the web services and the servers on which they run. Organizations are therefore facing the challenge of implementing adequate security for Web Services. A major threat is that of intruders which may maliciously try to access the data or services. The automated methods of signature extraction extract the binary pattern blindly resulting in more false positives. In this paper a semi automated approach is proposed to analyze the attacks and generate signatures for web services. For data collection, apart from the conventional SOAP data loggers, honeypots are also used that collect small data which is of high value. To filter out the most suspicious part of the data, SVM based classifier is employed to aid the system administrator. By applying an attack signature algorithm on the filtered data, a more balanced attack signature is extracted that results in fewer false positives and negatives. It helps the Security Administrator to identify the web services that are vulnerable or are attacked more frequently.
KEYWORDS
Web services, Intruders, Signatures, Honeypots, Classifier
Original Source Link : http://airccse.org/journal/nsa/0710ijnsa13.pdf
No comments:
Post a Comment