An Adaptive Intrusion Detection and Prevention (ID/IP) Framework for Web Services

Authors:
Chan Gaik Yee;Wong Hui Shin;G. S. V. R. K. Rao
Affiliations:
-;-;-
Venue:
ICCIT '07 Proceedings of the 2007 International Conference on Convergence Information Technology
Year:
2007

Citing 0
Cited 8

A Solution CBR Agent-Based to Classify SOAP Message within SOA Environments

HAIS '09 Proceedings of the 4th International Conference on Hybrid Artificial Intelligence Systems
Towards an anomaly detection technique for web services based on kernel methods

IIT'09 Proceedings of the 6th international conference on Innovations in information technology
A distributed multi-approach intrusion detection system for web services

Proceedings of the 3rd international conference on Security of information and networks
A multiagent solution to adaptively classify SOAP message and protect against dos attack

CAEPIA'09 Proceedings of the Current topics in artificial intelligence, and 13th conference on Spanish association for artificial intelligence
S-MAS: An adaptive hierarchical distributed multi-agent architecture for blocking malicious SOAP messages within Web Services environments

Expert Systems with Applications: An International Journal
Real-time CBR-agent with a mixture of experts in the reuse stage to classify and detect DoS attacks

Applied Soft Computing
Improving the security level of the FUSION@ multi-agent architecture

Expert Systems with Applications: An International Journal
Fuzzy data mining: a literature survey and classification framework

International Journal of Networking and Virtual Organisations

Quantified Score

Hi-index	0.00

Visualization

Abstract

The advance in web technology has lead to more and more applications being deployed over the Web Service (WS) platform. However, the inherent security weaknesses of the WS platform have lead to these WS- based applications being vulnerable and targets for attacks. This paper identifies and describes the various vulnerabilities and security threats pertaining to WS. After examining the various existing defending mechanisms for WS, it is found that they are not adaptive and adequate in counter-measuring the WS attacks. An adaptive intrusion detection and prevention (ID/IP) framework to protect the WS against attacks related to SOAP/XML/SQL is thus introduced. Through illustration by examples, the framework demonstrated that by making use of agents that act as sensors, data mining techniques such as clustering, association and sequential rule coupled with fuzzy logic to further analyze and identify anomalies, is able to exhibit the adaptive nature of capturing anomalies and avoiding false alarms.