A hybrid agent-based classification mechanism to detect denial of service attacks
- Cristian I. Pinzón (2)
- Juan F. de Paz (1)
- Sara Rodríguez (1)
- Javier Bajo (1)
- Juan M. Corchado (1)

(1) Universidad de Salamanca
(2) Universidad Tecnológica de Panamá
ISSN: 1888-0258
Year of publication: 2009
Issue title: Special Session on Hybrid Reasoning and Coordination Methods on MAS
Volume: 3
Issue: 3
Pages: 11-18
Type: Article
More publications in: JoPha: Journal of Physical Agents
Abstract
This paper presents the core component of an agent-based solution specifically adapted for the classification of SOAP messages. Such messages can carry attacks that target the applications providing Web Services. One of the most common attacks requiring novel solutions is the denial of service (DoS) attack, caused by modifications introduced into the XML of the SOAP messages. The specifications of existing security standards do not focus on this type of attack. This article presents an advanced classification mechanism designed in two phases and incorporated within a CBR-BDI agent. The mechanism classifies each incoming SOAP message and blocks the malicious ones. Its main feature is the use of decision trees, fuzzy logic rules and neural networks for filtering attacks. These techniques give the classification mechanism the ability to adapt itself to changes in the patterns of attack. A prototype was developed and the results obtained are presented in this study.