scholarly journals Protection of XML-Based Denail-of-Service and Httpflooding Attacks in Web Services Using the Middleware Tool

2018 ◽  
Vol 7 (4.7) ◽  
pp. 322 ◽  
Author(s):  
Abbas Alasri ◽  
Rossilawati Sulaiman
Keyword(s):  
Web Services ◽  
Web Service ◽  
Real Time ◽  
Web Applications ◽  
Denial Of Service ◽  
Software Infrastructure ◽  
Rule Based ◽  
Flooding Attacks ◽  
Rule Based Approach ◽  
The Web

A web service is defined as the method of communication between the web applications and the clients. Web services are very flexible and scalable as they are independent of both the hardware and software infrastructure. The lack of security protection offered by web services creates a gap which attackers can make use of. Web services are offered on the HyperText Transfer Protocol (HTTP) with Simple Object Access Protocol (SOAP) as the underlying infrastructure. Web services rely heavily on the Extended Mark-up Language (XML). Hence, web services are most vulnerable to attacks which use XML as the attack parameter. Recently, a new type of XML-based Denial-of-Service (XDoS) attacks has surfaced, which targets the web services. The purpose of these attacks is to consume the system resources by sending SOAP requests that contain malicious XML content. Unfortunately, these malicious requests go undetected underneath the network or transportation layers of the Transfer Control Protocol/Internet Protocol (TCP/IP), as they appear to be legitimate packets.In this paper, a middleware tool is proposed to provide real time detection and prevention of XDoS and HTTP flooding attacks in web service. This tool focuses on the attacks on the two layers of the Open System Interconnection (OSI) model, which are to detect and prevent XDoS attacks on the application layer and prevent flooding attacks at the Network layer.The rule-based approach is used to classify requests either as normal or malicious,in order to detect the XDoS attacks. The experimental results from the middleware tool have demonstrated that the rule-based technique has efficiently detected and prevented theattacks of XDoS and HTTP flooding attacks such as the oversized payload, coercive parsing and XML external entities close to real-time such as 0.006s over the web services. The middleware tool provides close to 100% service availability to normal request, hence protecting the web service against the attacks of XDoS and distributed XDoS (DXDoS).\  

Web Services

2007 ◽  
pp. 244-267
Author(s):  
Bernd Aman ◽  
Salima Benbernou ◽  
Benjamin Nguyen
Keyword(s):  
Web Services ◽  
Web Service ◽  
Service Composition ◽  
Web Applications ◽  
Loosely Coupled ◽  
Composition Problem ◽  
Service Oriented ◽  
Service Paradigm ◽  
Current Standards ◽  
The Web

Unlike traditional applications, which depend upon a tight interconnection of all program elements, Web service applications are composed of loosely coupled, autonomous and independent services published on the Web. In this chapter, we first introduces the concept of service oriented computing (SOC) on the Web and the current standards enabling the definition and publication of Web services. This technology’s next evolution is to facilitate the creation and maintenance of Web applications. This can be achieved by exploiting the self-descriptive nature of Web services combined with more powerful models and languages for composing Web services. A second objective of this chapter is to illustrate the complexity of the Web service composition problem and to provide a representative overview of the existing approaches. The chapter concludes with a short presentation of two research projects exploiting and extending the Web service paradigm.

Research on Restful Web Services in Java

2011 ◽  
Vol 135-136 ◽  
pp. 806-808 ◽  
Author(s):  
Hong Jun Li
Keyword(s):  
Web Services ◽  
Web Service ◽  
Web Sites ◽  
Web Applications ◽  
Web Development ◽  
Representational State Transfer ◽  
State Transfer ◽  
Restful Web Service ◽  
Restful Web Services ◽  
The Web

In order to make the Web services, web sites in Java more powerful and flexible, building unified web applications is vital important. By introducing a new style─Representational State Transfer (REST), this paper studied the Java RESTful frameworks and the ways to develop Restful Web Service in Java. The RESTful frameworks in Java can effectively simplify the web development in many ways.

scholarly journals An Automatic Web Service Composition Framework Using QoS-Based Web Service Ranking Algorithm

2015 ◽  
Vol 2015 ◽  
pp. 1-14 ◽  
Author(s):  
Deivamani Mallayya ◽  
Baskaran Ramachandran ◽  
Suganya Viswanathan
Keyword(s):  
Web Services ◽  
Web Service ◽  
Service Composition ◽  
Web Applications ◽  
Web Service Composition ◽  
User Preferences ◽  
User Preference ◽  
Global Constraints ◽  
Service Ranking ◽  
The Web

Web service has become the technology of choice for service oriented computing to meet the interoperability demands in web applications. In the Internet era, the exponential addition of web services nominates the “quality of service” as essential parameter in discriminating the web services. In this paper, a user preference based web service ranking (UPWSR) algorithm is proposed to rank web services based on user preferences and QoS aspect of the web service. When the user’s request cannot be fulfilled by a single atomic service, several existing services should be composed and delivered as a composition. The proposed framework allows the user to specify the local and global constraints for composite web services which improves flexibility. UPWSR algorithm identifies best fit services for each task in the user request and, by choosing the number of candidate services for each task, reduces the time to generate the composition plans. To tackle the problem of web service composition, QoS aware automatic web service composition (QAWSC) algorithm proposed in this paper is based on the QoS aspects of the web services and user preferences. The proposed framework allows user to provide feedback about the composite service which improves the reputation of the services.

Web Service Specifications Relevant for Service Oriented Infrastructures

2011 ◽  
pp. 174-198 ◽  
Author(s):  
Eduardo Oliveros ◽  
Jesús Movilla ◽  
Andreas Menychtas ◽  
Roland Kuebert ◽  
Michael Braitmaier ◽  
...  
Keyword(s):  
Web Services ◽  
Web Service ◽  
Real Time ◽  
State Of The Art ◽  
The State ◽  
Data Centre ◽  
Development Tools ◽  
Service Oriented ◽  
The Web

Service Oriented Infrastructures (SOIs) have recently seen increased use, mainly thanks to technologies for data centre virtualization and the emergence and increasing commercial offering of Cloud solutions. Web Services have been seen as a tool to implement SOI solutions thanks to their versatility and interoperability, but at the same time, Web Services have been considered not suitable for providing interactive real-time solutions. In this chapter the state of the art of the Web service technology will be analysed, and their different communication mechanisms and the existing implementations will be compared. Firstly, the different standardisation bodies working on Web service specifications relevant to SOI will be introduced. The various approaches to implement Web services will be described followed by the Web service specifications and the middleware that make use of those specifications, including the description of the commercial interfaces and development tools to create services for the cloud. In the last part of the chapter, the interoperability problems present on the different frameworks and the existing solutions to minimize those interoperability problems will be explained.

Web Service Evaluation Using Probabilistic Models

2014 ◽  
pp. 288-294
Author(s):  
S. Zimeras
Keyword(s):  
Information System ◽  
Web Services ◽  
Web Service ◽  
Software Metrics ◽  
Probabilistic Models ◽  
Web Applications ◽  
Evaluation Criteria ◽  
Service Evaluation ◽  
The Web

Information system users, administrators, and designers are all interested in performance evaluation since their goal is to obtain or provide the highest performance at the lowest cost. This goal has resulted in continuing evolution of higher performance and lower cost systems leading to today’s proliferation of workstations and personal computers, many of which have better performance than earlier supercomputers. As the variety of Web services applications (Websites) increases, it gets more important to have a set of evaluation criteria that should evaluate the performance of their effectiveness. Based on those criteria, the quality of the services that the Web applications are providing could be analysed. This work represents software metrics that could (or need) be used to quantify the quality of the information that the Web services are providing. These measures could be useful to understand problematic frameworks during the implementation of the Websites and could lead to solutions preventing those problems.

Web Service Evaluation Using Probabilistic Models

2018 ◽  
pp. 1275-1283
Author(s):  
S. Zimeras
Keyword(s):  
Information System ◽  
Web Services ◽  
Web Service ◽  
Software Metrics ◽  
Probabilistic Models ◽  
Web Applications ◽  
Evaluation Criteria ◽  
Service Evaluation ◽  
The Web

Information system users, administrators, and designers are all interested in performance evaluation since their goal is to obtain or provide the highest performance at the lowest cost. This goal has resulted in continuing evolution of higher performance and lower cost systems leading to today's proliferation of workstations and personal computers, many of which have better performance than earlier supercomputers. As the variety of Web services applications (Websites) increases, it gets more important to have a set of evaluation criteria that should evaluate the performance of their effectiveness. Based on those criteria, the quality of the services that the Web applications are providing could be analysed. This work represents software metrics that could (or need) be used to quantify the quality of the information that the Web services are providing. These measures could be useful to understand problematic frameworks during the implementation of the Websites and could lead to solutions preventing those problems.

Web Services Architecture Model to Support Distributed Systems

2019 ◽  
Vol 54 (6) ◽  
Author(s):  
Sawsan Ali Hamid ◽  
Rana Alauldeen Abdalrahman ◽  
Inam Abdullah Lafta ◽  
Israa Al Barazanchi
Keyword(s):  
Web Services ◽  
Web Service ◽  
Distributed System ◽  
Modern Technology ◽  
Service Description ◽  
Architecture Model ◽  
Software Applications ◽  
Evolving Model ◽  
The Web

Recently, web services have presented a new and evolving model for constructing the distributed system. The meteoric growth of the Web over the last few years proves the efficacy of using simple protocols over the Internet as the basis for a large number of web services and applications. Web service is a modern technology of web, which can be defined as software applications with a programmatic interface based on Internet protocol. Web services became common in the applications of the web by the help of Universal, Description, Discovery and Integration; Web Service Description Language and Simple Object Access Protocol. The architecture of web services refers to a collection of conceptual components in which common sets of standard can be defined among interoperating components. Nevertheless, the existing Web service's architecture is not impervious to some challenges, such as security problems, and the quality of services. Against this backdrop, the present study will provide an overview of these issues. Therefore, it aims to propose web services architecture model to support distributed system in terms of application and issues.

A QoS-aware approach for runtime discovery, selection and composition of semantic web services

2016 ◽  
Vol 12 (2) ◽  
pp. 177-200 ◽  
Author(s):  
Sanjay Garg ◽  
Kirit Modi ◽  
Sanjay Chaudhary
Keyword(s):  
Web Services ◽  
Semantic Web ◽  
Web Service ◽  
User Satisfaction ◽  
Service Discovery ◽  
Semantic Web Services ◽  
Functional Requirements ◽  
Semantic Description ◽  
Content Type ◽  
The Web

Purpose Web services play vital role in the development of emerging technologies such as Cloud computing and Internet of Things. Although, there is a close relationship among the discovery, selection and composition tasks of Web services, research community has treated these challenges at individual level rather to focus on them collectively for developing efficient solution, which is the purpose of this work. This paper aims to propose an approach to integrate the service discovery, selection and composition of Semantic Web services on runtime basis. Design/methodology/approach The proposed approach defined as a quality of service (QoS)-aware approach is based on QoS model to perform discovery, selection and composition tasks at runtime to enhance the user satisfaction and quality guarantee by incorporating non-functional parameters such as response time and throughput with the Web services and user request. In this paper, the proposed approach is based on ontology for semantic description of Web services, which provides interoperability and automation in the Web services tasks. Findings This work proposed an integrated framework of Web service discovery, selection and composition which supports end user to search, select and compose the Web services at runtime using semantic description and non-functional requirements. The proposed approach is evaluated by various data sets from the Web Service Challenge 2009 (WSC-2009) to show the efficiency of this work. A use case scenario of Healthcare Information System is implemented using proposed work to demonstrate the usability and requirement the proposed approach. Originality/value The main contribution of this paper is to develop an integrated approach of Semantic Web services discovery, selection and composition by using the non-functional requirements.

scholarly journals A Cluster-Based Browsing Model For QoS-Aware Web Service Selection

2021 ◽  
Author(s):  
Kian Farsandaj
Keyword(s):  
Web Services ◽  
Web Service ◽  
Clustering Algorithm ◽  
Service Selection ◽  
Functional Requirements ◽  
Analysis Techniques ◽  
Symbolic Data ◽  
Web Service Selection ◽  
The Web

In the last decade, selecting suitable web services based on users’ requirements has become one of the major subjects in the web service domain. Any research works have been done - either based on functional requirements, or focusing more on Quality of Service (QoS) - based selection. We believe that searching is not the only way to implement the selection. Selection could also be done by browsing, or by a combination of searching and browsing. In this thesis, we propose a browsing method based on the Scatter/Gather model, which helps users gain a better understanding of the QoS value distribution of the web services and locate their desired services. Because the Scatter/Gather model uses cluster analysis techniques and web service QoS data is best represented as a vector of intervals, or more generically a vector of symbolic data, we apply for symbolic clustering algorithm and implement different variations of the Scatter/Gather model. Through our experiments on both synthetic and real datasets, we identify the most efficient ( based on the processing time) and effective implementations.

Sign in / Sign up

Export Citation Format

Share Document