Reducing the Effect of Denial of Service in Web Service Environment

Abstract

—Denial of Service (DoS) attacks can cost online and web service providers money and damage their reputations. The lack of security protection in web services creates a vulnerability attackers can exploit. A new XDoS attack targeting web services has recently emerged, using XML rather than plain old HTML as the attack vector. This paper proposes a middleware tool for detecting and preventing web service XDoS and HTTP flooding attacks. A rule-based technique classifies requests as benign or malicious to detect XDoS attacks. According to the middleware tool’s trial findings, rule-based technology has successfully recognized and blocked XDoS and HTTP flooding assaults such as large payloads, forceful parsing, and external XML elements in near-real time, such as 0.006s across web services. Middleware protects web services from XDoS and distributed XDoS attacks by ensuring nearly 100% service availability for routine requests (DXDoS).