Intrusion Attack Pattern Analysis and Signature Extraction for Web Services Using Honeypots

Dagdee, Nirmal; Thakar, Urjita

doi:10.1109/icetet.2008.192

Cited by 14 publications

(4 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The solution as presented is an incipient idea still being developed and implemented. Finally, another solution proposed the use of Honeypots [13] as a highly flexible security tool. The focus incorporates 3 components: data extraction based on honeyd, tedpdum data analysis, and extraction from attack signatures.…”

Section: Web Service Security Problem Descriptionmentioning

confidence: 99%

A Solution CBR Agent-Based to Classify SOAP Message within SOA Environments

Pinzón

Pérez

González

et al. 2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

This paper presents the core component of a solution based on agent technology specifically adapted for the classification of SOA messages. These messages can carry out attacks that target the applications providing Web Services. An advanced mechanism of classification designed in two phases incorporates a CBR-Agent type for classifying the incoming SOAP messages as legal or malicious. Its main feature involves the use of decision trees, fuzzy logic rules and neural networks for filtering attacks.

show abstract

Section: Web Service Security Problem Descriptionmentioning

confidence: 99%

A Solution CBR Agent-Based to Classify SOAP Message within SOA Environments

Pinzón

Pérez

González

et al. 2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…The solution as presented is an incipient idea still being developed and implemented. Finally, another solution proposed the use of Honeypots as a highly flexible security tool [11]. The focus incorporates 3 components: data extraction based on honeyd and tedpdum data analysis, and extraction from attack signatures.…”

Section: Dos Attacks Descriptionmentioning

confidence: 99%

An Adaptive Multi-agent Solution to Detect DoS Attack in SOAP Messages

Pinzón

Paz

Bajo

et al. 2009

Advances in Intelligent and Soft Computing

View full text Add to dashboard Cite

A SOAP message can be affected by a DoS attack if the incoming message has been either created or modified maliciously. The specifications of existing security standards do not focus on this type of attack. This article presents a novel distributed and adaptive approach for dealing with DoS attacks in Web Service environments, which represents an alternative to the existing centralized solutions. The solution proposes a distributed hierarchical multiagent architecture that implements a classification mechanism in two phases. The main benefits of the approach are the distributed capabilities of the multiagent systems and the self-adaption ability to the changes that occur in the patterns of attack. A prototype of the architecture was developed and the results obtained are presented in this study.

show abstract

“…A tool discussed for signature extraction as discussed in [8] does not consider attacks at application layer. The data analysis method presented in [9] needs to be improved to filter log data to obtain higher concentration of attacks for precise signature extraction.…”

Section: Related Workmentioning

confidence: 99%