Service vulnerability scanning based on service-oriented architecture in Web service environments

Authors:
Shangguang Wang;Yan Gong;Guangxiao Chen;Qibo Sun;Fangchun Yang
Affiliations:
State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China;Chinese Electronic Equipment System Engineering Corporation, Beijing, China;State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China;State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China;State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China
Venue:
Journal of Systems Architecture: the EUROMICRO Journal
Year:
2013

Citing 16
Cited 0

A Scalable Scheduling Algorithm for Real-Time Distributed Systems

ICDCS '98 Proceedings of the The 18th International Conference on Distributed Computing Systems
Location-Aided Flooding: An Energy-Efficient Data Dissemination Protocol for Wireless Sensor Networks

IEEE Transactions on Computers
An Inline Detection and Prevention Framework for Distributed Denial of Service Attacks

The Computer Journal
Using the vulnerability information of computer systems to improve the network security

Computer Communications
A platform-based SoC design and implementation of scalable automaton matching for deep packet inspection

Journal of Systems Architecture: the EUROMICRO Journal
Using mobile agents to recover from node and database compromise in path-based DoS attacks in wireless sensor networks

Journal of Network and Computer Applications
The Effects of Threading, Infection Time, and Multiple-Attacker Collaboration on Malware Propagation

SRDS '09 Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems
Scalable packet classification using a compound algorithm

International Journal of Communication Systems - Part 1: Next Generation Networks (NGNs)
Service Level Checking in the Cloud Computing Context

CLOUD '10 Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing
Towards Web Service selection based on QoS estimation

International Journal of Web and Grid Services
Service Level Agreements Compliance Checking in the Cloud Computing: Architectural Pattern, Prototype, and Validation

ICSEA '10 Proceedings of the 2010 Fifth International Conference on Software Engineering Advances
Using complexity, coupling, and cohesion metrics as early indicators of vulnerabilities

Journal of Systems Architecture: the EUROMICRO Journal
Attestation of integrity of overlay networks

Journal of Systems Architecture: the EUROMICRO Journal
A high-performance and scalable multi-core aware software solution for network monitoring

The Journal of Supercomputing
Ant algorithm for grid scheduling problem

LSSC'05 Proceedings of the 5th international conference on Large-Scale Scientific Computing
Effective allied network security system based on designed scheme with conditional legitimate probability against distributed network attacks and intrusions

International Journal of Communication Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Web services are becoming the critical components of business application, but they are often invoked with critical software and application bugs that can be explored by malicious users. Because the existing centralized vulnerability scanning systems often face performance bottleneck because of huge amount of tasks, a novel service vulnerability scanning scheme is high desirable. In this paper, we propose a service vulnerability scanning scheme based on service-oriented architecture (SoA) in Web service environments. The scanning scheme contains three components, i.e., domain-oriented distributed architecture, service providing mode based on SoA and hierarchical strategy scheduling model. The hierarchical strategy scheduling model is the key of the scanning scheme, which is used to solve the problems of distributed scheduling management in vulnerability scanning process for Web service environments. We conduct a centralized scanner to compare our scheme with other schemes by the implement of prototype system. Experimental results show that our proposed scheme outperforms other schemes with respect to time cost, accuracy and load.