A hybrid agent-based classification mechanism to detect denial of service attacks

  1. Cristian I. Pinzón 2
  2. Juan F. de Paz 1
  3. Sara Rodríguez 1
  4. Javier Bajo 1
  5. Juan M. Corchado 1
  1. 1 Universidad de Salamanca
    info

    Universidad de Salamanca

    Salamanca, España

    ROR https://ror.org/02f40zc51

  2. 2 Universidad Tecnológica de Panamá
    info

    Universidad Tecnológica de Panamá

    Panamá, Panamá

    ROR https://ror.org/030ve2c48

Revista:
JoPha: Journal of Physical Agents

ISSN: 1888-0258

Año de publicación: 2009

Título del ejemplar: Special Session on Hybrid Reasoning and Coordination Methods on MAS

Volumen: 3

Número: 3

Páginas: 11-18

Tipo: Artículo

DOI: 10.14198/JOPHA.2009.3.3.03 DIALNET GOOGLE SCHOLAR lock_openRUA editor

Otras publicaciones en: JoPha: Journal of Physical Agents

Resumen

This paper presents the core component of a solution based on agent technology specifically adapted for the classification of SOAP messages. The messages can carry out attacks that target the applications providing Web Services. One of the most common attacks requiring novel solutions is the denial of service attack (DoS), caused for the modifications introduced in the XML of the SOAP messages. The specifications of existing security standards do not focus on this type of attack. This article presents an advanced mechanism of classification designed in two phases incorporated within a CBR-BDI Agent type. This mechanism classifies the incoming SOAP message and blocks the malicious SOAP messages. Its main feature involves the use of decision trees, fuzzy logic rules and neural networks for filtering attacks. These techniques provide a mechanism of classification with the self-adaption ability to the changes that occur in the patterns of attack. A prototype was developed and the results obtained are presented in this study.

Fuente de los datos: Dialnet