Confidentiality, integrity and availability are the main objectives of any information security model.

juan-manuel-corchado-dos-detection-01

With specific regard to availability, the aim is to guarantee that the information, services, and available resources are accessible to authorized users. One of the priorities of web services is to guarantee the availability of services and resources. However, all of the specifications that have been proposed for providing security within web services (WS-Security, WS-SecurityPolicy, WS-Trust, WS-SecureConversation, etc.) only consider the integrity and confidentiality of messages without much consideration for availability.

One of the increasingly common threats within web services environments, and one that jeopardizes the availability factor, is denial of service (DoS). This type of attack exploits vulnerable points within the standard components supporting the technology. There are several initiatives within this field. However, the main common disadvantage that each of these approaches has is their low capacity to adapt themselves to changes in patterns. This reduces the effectiveness of these methods when slight variations in the behaviours of known attacks occur or when new attacks appear.

This works presents a novel soft computing-based approach to cope with DoS attacks, but unlike existing solutions, our proposal takes into account the different soft computing mechanisms that can lead to a DoS attack. Our approach is based on a real time classifier agent that incorporates a mixture of experts to choose a specific classification technique depending on the feature of the attack and the time available to solve the classification. With this scheme it is possible to divide the problem into subproblems, solving the classification of the web service requests in a more simple and effective way, and always within a time bound interval.

ASSOCIATED PROJECTS

NATIONALS

FUSION@ : Flexible User and ServIces Oriented multi-ageNt Architecture

Reference: PET2008_0036

Funding body: Ministry of Education and Science(Fundamental research projects for the Transfer of Knowledge to Enterprises (TRACE))

Collaborators: Nebusens

Principal Research: Juan Manuel Corchado

Start date: 01-03-2009    End date: 01-02-2011

SQLCBR

Reference: TSI-020100-2008-31

Funding body: Ministerio de Industria, Turismo y Comercio. Avanza I+D. Acción Estratégica de Telecomunicaciones y Sociedad de la Información.

Collaborators: Universidad de Salamanca, Flag Solutions S.L.

Principal Research: Javier Bajo Pérez

Start date: 10/07/2008           End date: 25/12/2009

 

 

 

 

 

Posted by Juan M. Corchado

Vicerrector de Investigación y Transferencia - Universidad de Salamanca // Vice President for Research and Technology Transfer - University of Salamanca

Thanks for your comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s