Protecting Web Services against DoS Attacks: A Case-Based Reasoning Approach

Abstract

The real-time detection is a key factor to detect and block DoS attacks within Web services. DoS attacks can be generated for different techniques that take advantage of points vulnerable within Web services. This paper describes a novel proposal based on a real time agent to classify user requests and detect and block malicious SOAP messages. The classification mechanism is based on a Case-Base Reasoning (CBR) model, where the different CBR phases are time bounded. Within the reuse phase of the CBR cycle is incorporated a mixture of experts to choose the most suitable technique of classification depending on the feature of the attack and the available time to solve the classification. A prototype of the architecture was developed and the results obtained are presented in this study.